Determining connectivity to a network device to optimize performance for controlling operation of network devices

ABSTRACT

Techniques are described for determining connectivity to a network device to optimize performance for controlling operation of one or more network devices. A computing device may determine connectivity to a network device to send a request for information to the network device. The computing device can determine whether it has access to a network (e.g., a wireless network), which includes the network device. The computing device may determine whether it has authorization to communicate with the network device on the network. Authorization may be based on the registration of the network device to communicate with the computing device. When the computing device can access the network and when the computing is authorized to communicate with the network device, communication (e.g., a request) may occur using the network or by direct transmission to the network device. Otherwise, the computing device may communicate with the network device using a remote network.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is claims the benefit and priority of U.S.Provisional Patent Application No. 62/087,760, filed Dec. 4, 2014,entitled “DETERMINING CONNECTIVITY TO A NETWORK DEVICE TO OPTIMIZEPERFORMANCE FOR CONTROLLING OPERATION OF NETWORK DEVICES,” the entirecontents of which is incorporated herein by reference for all purposes.

TECHNICAL FIELD

The present disclosure relates to network communication. Specifically,techniques are provided for determining connectivity to network devices.

BACKGROUND

People are finding ways to automate operation of devices, such as homeappliances. One such way to automate operation of devices has beenthrough use of home automation equipment. Using a network, a device mayfrequently communicate with home automation devices to synchronizeinformation about status and operation of the device. The device may usemultiple networks, sometimes a cellular data network, to communicatewith home automation devices that are not physically located where thedevice is located. Some devices may use alternative networks, e.g., acellular data network, to reach home automation devices not locatedwithin proximity of the device.

Sometimes communication between an access device and a home automationdevice may encounter delays such that synchronization between thosedevices may become delayed. Such delays may occur for any number ofreasons, such as network latency, network traffic, resource limitations,or the like. Because of such delays, a user's experience in operatingthe home automation devices using a device may be diminished. Forexample, home automation devices may not immediately respond to commandsor controls when they are initiated via a n access device or may notprovide current information to an access device immediately uponrequest.

BRIEF SUMMARY

The present disclosure relates to determining connectivity to networkdevices. Specifically, techniques are provided for determiningconnectivity to a network device to optimize performance for controllingoperation of one or more network devices. Such techniques may bebeneficial for an access device (e.g., a mobile phone) to choose acommunication path to a network device that may improve communicationbetween the access device and the network device. Such improvements incommunication between an access device and a network device may includean increase in the rate of communication, an improvement in theefficiency of choosing a more reliable or faster communication protocol,and an increase in the reliability of the communication. By doing so, anaccess device may receive information (e.g., device information orrules) faster, thereby enabling the access device to reduce time forpresenting such information to a user. The improvement in communicationto a network device by determining connectivity to the network devicemay enable the access device to reduce time for communicatinginformation to control operation of the network device. The reduction intime for communication with a network device can improve an overall userexperience for controlling network devices from an access device.

In some embodiments, a computing device (e.g., an access device) candetermine connectivity to a network device to determine a manner inwhich to communicate a request for information to the network device.The computing device can determine whether it has access to a network(e.g., a wireless network), which includes the network device. When thecomputing device cannot access the network, the computing device maycommunicate with the network device through a remote network. Thecomputing device may also determine whether it has authorization tocommunicate with the network device on the network. Authorization may bebased on the registration of the network device to communicate with thecomputing device. The computing device may identify a type of request bywhich to obtain information, e.g., device information or ruleinformation related to operation of network devices. When the computingdevice can access the network to communicate with the network device andwhen the computing device is authorized to communicate with the networkdevice, then communication (e.g., a request) can occur with the networkdevice using the network or through direct transmission to the networkdevice. When the computing device does not have access to the networkand/or is not authorized to communicate with the network device, thenthe computing device may communicate with the network device using aremote network (e.g., a cloud network). The remote network may be one bywhich the computing device and the network device are registered andauthorized for communication.

According to at least one example, techniques may be provided todetermine connectivity to a network device. Such techniques may beimplemented by a computing device (e.g., an access device or a networkdevice). In certain embodiments, the computing device may be included ina mobile computing device (e.g., a mobile phone). The techniques mayinclude performing operations and/or methods. Some embodiments, mayinclude the computing device, which include one or more data processors.The computing device may further include a memory storing instructionsthat, when executed on the one or more data processors, cause the one ormore data processors to perform operations. Some embodiments may includea computer-program product tangibly embodied in a non-transitorymachine-readable storage medium of a computing device may be provided.The computer-program product may include instructions configured tocause a data processing apparatus to perform operations and/or methodsdisclosed herein. The data processing apparatus may include one or moredata processors.

In at least one embodiments, a technique may include acomputer-implemented method. The method may include detecting, by acomputing device, input corresponding to interaction with an interfaceof the computing device. The method may include determining that thecomputing device is connected to a network including: a local networkincluding a network device; or a remote network. The local network maycomprise a wireless network. The remote network may comprise a network(e.g., a different wireless network or a mobile communication network)that is different from the local network. The method may include, basedon determining that the computing device is connected to the localnetwork, sending a message to the network device using the localnetwork. The message may correspond to an operation of the networkdevice. The method may include, based on determining that the computingdevice is connected to the remote network, sending the message to thenetwork device using the remote network.

In some embodiments, determining that the computing device is connectedto the local network includes: determining an identifier associated withthe local network; comparing the identifier associated with the localnetwork to a stored identifier associated with the local network, wherethe stored identifier is stored on the computing device; and determiningthat the identifier associated with the local network matches the storedidentifier associated with the local network.

In some embodiments, determining that the computing device is connectedto the local network includes determining that the computing device hasauthorization to communicate with the network device on the localnetwork. The computing device may have authorization to communicate withthe network device on the local network when a security key stored isstored on the computing device and the security key is associated with anetwork identifier of the local network. Determining that the computingdevice is connected to the local network may include determining thatthe computing device has access to the local network. The computingdevice may have access to the local network when the computing devicehas established a communication connection to the local network.Determining that the computing device has access to the local networkmay include determining whether a communication protocol of thecomputing device supports communication with the network device usingthe local network.

In some embodiments, determining that the computing device is connectedto the network includes: determining an identifier associated with thelocal network; comparing the identifier associated with the localnetwork to a stored identifier associated with the local network, wherethe stored identifier is stored on the computing device; and determiningwhether the identifier associated with the local network matches thestored identifier associated with the local network. Determining thatthe computing device is connected to the local network may be based ondetermining that the identifier associated with the local networkmatches the stored identifier associated with the local network.Determining that the computing device is connected to the remote networkmay be based on determining that the identifier associated with thelocal network does not match the stored identifier associated with thelocal network.

In some embodiments, determining that the computing device is connectedto the remote network includes: determining an identifier associatedwith the local network; comparing the identifier associated with thelocal network to a stored identifier associated with the local network,where the stored identifier is stored on the computing device; anddetermining that the identifier associated with the local network doesnot match the stored identifier associated with the local network. Theremote network may include a cloud network in communication with thelocal network. Sending the message to the network device using theremote network may include sending the message to the cloud network, andthe cloud network may send the message received from the computingdevice to the network device on the local network.

In some embodiments, the message that is sent to the network deviceusing the remote network is generated using a security key, the securitykey facilitating access to the network device on the local network.

In some embodiments, in response to sending the message to the networkdevice using the local network, receiving a response message from thenetwork device using the local network. The response message maycorrespond to the operation of the network device. In some embodiments,in response to sending the message to the network device using theremote network, receiving a response message from the network deviceusing the remote network, wherein the response message corresponds tothe operation of the network device. The remote network may include acloud network in communication with the local network. The responsemessage may be received from the network device via the cloud network.

In some embodiments, based on determining that the computing device isconnected to the local network and is not connected to the remotenetwork, modifying the interface to display a first indication about theoperation of the network device. In some embodiments, based ondetermining that the computing device is connected to the remote networkand is not connected to the local network, modifying the interface todisplay a second indication about the operation of the network device.

In at least one embodiment, a technique may be implemented by a system.The system may include one or more data processors and a memory storinginstructions that, when executed on the one or more data processors,cause the one or more data processors to perform operations. Theoperations may include detecting input corresponding to interaction withan interface of the computing device. The operations may includedetermining that the computing device is connected to a networkincluding: a local network including a network device; or a remotenetwork. The operations may include, based on determining that thecomputing device is connected to the local network, sending a message tothe network device using the local network. The message may correspondto an operation of the network device. The operations may include, basedon determining that the computing device is connected to the remotenetwork, sending the message to the network device using the remotenetwork.

In at least one embodiment, a technique may be implemented by acomputer-program product tangibly embodied in a non-transitorymachine-readable storage medium. The computer-program product mayinclude instructions configured to cause a data processing apparatus toperform operations. The operations may include detecting inputcorresponding to interaction with an interface of the computing device.The operations may include determining that the computing device isconnected to a network including: a local network including a networkdevice; or a remote network. The operations may include, based ondetermining that the computing device is connected to the local network,sending a message to the network device using the local network. Themessage may correspond to an operation of the network device. Theoperations may include, based on determining that the computing deviceis connected to the remote network, sending the message to the networkdevice using the remote network.

This summary is not intended to identify key or essential features ofthe claimed subject matter, nor is it intended to be used in isolationto determine the scope of the claimed subject matter. The subject mattershould be understood by reference to appropriate portions of the entirespecification of this patent, any or all drawings, and each claim.

The foregoing, together with other features and embodiments, will becomemore apparent upon referring to the following specification, claims, andaccompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

Illustrative embodiments of the present invention are described indetail below with reference to the following drawing figures:

FIG. 1 is an illustration of an example of a network environment, inaccordance with some embodiments.

FIG. 2 is a flowchart illustrating an embodiment of a process forregistering one or more network devices, in accordance with someembodiments.

FIG. 3 is an illustration of an example of a network environment, inaccordance with some embodiments.

FIG. 4 is an illustration of an example of a network environment, inaccordance with some embodiments.

FIG. 5 is an illustration of an example of a network environment, inaccordance with some embodiments.

FIG. 6 is an illustration of an interface for managing network devicesin accordance with some embodiments.

FIG. 7 is an illustration of an interface for managing rules forcontrolling operation of network devices in accordance with someembodiments.

FIG. 8 shows a block diagram of a computing device that determinesconnectivity to network devices in accordance with some embodiments.

FIGS. 9 and 10 show flowcharts illustrating processes for determiningconnectivity to network devices in accordance with some embodiments.

FIG. 11 is an illustration of an example of a front view of a networkdevice, in accordance with an embodiment.

FIG. 12 is an illustration of an example of a side view of a networkdevice, in accordance with an embodiment.

FIG. 13 is an example of a block diagram of a network device, inaccordance with an embodiment.

FIG. 14 is a schematic illustration of a local area network including anetwork device that includes an appliance, in accordance with anembodiment.

FIG. 15 is an example of a block diagram of a network device includingan interface device attached to an appliance, in accordance with anembodiment.

DETAILED DESCRIPTION

In the following description, for the purposes of explanation, specificdetails are set forth in order to provide a thorough understanding ofembodiments of the invention. However, it will be apparent that variousembodiments may be practiced without these specific details. The figuresand description are not intended to be restrictive.

The ensuing description provides exemplary embodiments only, and is notintended to limit the scope, applicability, or configuration of thedisclosure. Rather, the ensuing description of the exemplary embodimentswill provide those skilled in the art with an enabling description forimplementing an exemplary embodiment. It should be understood thatvarious changes may be made in the function and arrangement of elementswithout departing from the spirit and scope of the invention as setforth in the appended claims.

Specific details are given in the following description to provide athorough understanding of the embodiments. However, it will beunderstood by one of ordinary skill in the art that the embodiments maybe practiced without these specific details. For example, circuits,systems, networks, processes, and other components may be shown ascomponents in block diagram form in order not to obscure the embodimentsin unnecessary detail. In other instances, well-known circuits,processes, algorithms, structures, and techniques may be shown withoutunnecessary detail in order to avoid obscuring the embodiments.

Also, it is noted that individual embodiments may be described as aprocess which is depicted as a flowchart, a flow diagram, a data flowdiagram, a structure diagram, or a block diagram. Although a flowchartmay describe the operations as a sequential process, many of theoperations can be performed in parallel or concurrently. In addition,the order of the operations may be re-arranged. A process is terminatedwhen its operations are completed, but could have additional steps notincluded in a figure. A process may correspond to a method, a function,a procedure, a subroutine, a subprogram, etc. When a process correspondsto a function, its termination can correspond to a return of thefunction to the calling function or the main function.

The term “machine-readable storage medium” or “computer-readable storagemedium” includes, but is not limited to, portable or non-portablestorage devices, optical storage devices, and various other mediumscapable of storing, containing, or carrying instruction(s) and/or data.A machine-readable storage medium or computer-readable storage mediummay include a non-transitory medium in which data can be stored and thatdoes not include carrier waves and/or transitory electronic signalspropagating wirelessly or over wired connections. Examples of anon-transitory medium may include, but are not limited to, a magneticdisk or tape, optical storage media such as compact disk (CD) or digitalversatile disk (DVD), flash memory, memory or memory devices. Acomputer-program product may include code and/or machine-executableinstructions that may represent a procedure, a function, a subprogram, aprogram, a routine, a subroutine, a module, a software package, a class,or any combination of instructions, data structures, or programstatements. A code segment may be coupled to another code segment or ahardware circuit by passing and/or receiving information, data,arguments, parameters, or memory contents. Information, arguments,parameters, data, etc. may be passed, forwarded, or transmitted via anysuitable means including memory sharing, message passing, token passing,network transmission, etc.

Furthermore, embodiments may be implemented by hardware, software,firmware, middleware, microcode, hardware description languages, or anycombination thereof. When implemented in software, firmware, middlewareor microcode, the program code or code segments to perform the necessarytasks (e.g., a computer-program product) may be stored in amachine-readable medium. A processor(s) may perform the necessary tasks.

Systems depicted in some of the figures may be provided in variousconfigurations. In some embodiments, the systems may be configured as adistributed system where one or more components of the system aredistributed across one or more networks in a cloud computing system.

A network may be set up to provide an access device user with access tovarious devices connected to the network. For example, a network mayinclude one or more network devices that provide a user with the abilityto remotely configure or control the network devices themselves or oneor more electronic devices (e.g., appliances) connected to the networkdevices. The electronic devices may be located within an environment ora venue that can support the network. An environment can include, forexample, a home, an office, a business, an automobile, a park, or thelike. A network may include one or more gateways that allow clientdevices (e.g., network devices, access devices, or the like) to accessthe network by providing wired connections and/or wireless connectionsusing radio frequency channels in one or more frequency bands. The oneor more gateways may also provide the client devices with access to oneor more external networks, such as a cloud network, the Internet, and/orother wide area networks.

A local area network, such as a user's home local area network, caninclude multiple network devices that provide various functionalities.Network devices may be accessed and controlled using an access deviceand/or one or more network gateways. One or more gateways in the localarea network may be designated as a primary gateway that provides thelocal area network with access to an external network. The local areanetwork can also extend outside of the user's home and may includenetwork devices located outside of the user's home. For instance, thelocal area network can include network devices such as exterior motionsensors, exterior lighting (e.g., porch lights, walkway lights, securitylights, or the like), garage door openers, sprinkler systems, or othernetwork devices that are exterior to the user's home. It is desirablefor a user to be able to access the network devices while located withinthe local area network and also while located remotely from the localarea network. For example, a user may access the network devices usingan access device within the local area network or remotely from thelocal area network. As explained herein, techniques are provided thatallow generation of a single logical network in a local area network,thus preventing multiple logical networks from being associated with thelocal area network. These techniques allow a user, whether locatedlocally or remotely from the local area network, to access all networkdevices in the local area network. Techniques are provided fordetermining connectivity to a network device to optimize performance forcontrolling operation of one or more network devices. Such techniquesmay be beneficial for an access device (e.g., a mobile phone) to choosea communication path to a network device that may improve a rate ofcommunication and/or efficiency of communication between the accessdevice and the network device. By doing so, the access device mayreceive information (e.g., device information or rules) faster, therebyenabling the access device to reduce time for present such informationto a user. The improvement in communication to a network device bydetermining connectivity to the network device may enable the accessdevice to reduce time for communicating information to control operationof the network device. The reduction in time for communication with anetwork device can improve an overall user experience for controllingnetwork devices from an access device.

In some embodiments, a user may create an account with login informationthat is used to authenticate the user and allow access to the networkdevices. For example, once an account is created, a user may enter thelogin information in order to access a network device in a logicalnetwork.

In some embodiments, an accountless authentication process may beperformed so that the user can access one or more network devices withina logical network without having to enter network device logincredentials each time access is requested. While located locally withinthe local area network, an access device may be authenticated based onthe access device's authentication with the logical network. Forexample, if the access device has authorized access to the logicalnetwork (e.g., a WiFi network provided by a gateway), the networkdevices paired with that logical network may allow the access device toconnect to them without requiring a login. Accordingly, only users ofaccess devices that have authorization to access the logical network areauthorized to access network devices within the logical network, andthese users are authorized without having to provide login credentialsfor the network devices.

An accountless authentication process may also be performed when theuser is remote so that the user can access network devices within thelogical network, using an access device, without having to enter networkdevice login credentials. While remote, the access device may access thenetwork devices in the local area network using an external network,such as a cloud network, the Internet, or the like. One or more gatewaysmay provide the network devices and/or access device connected to thelocal area network with access to the external network. To allowaccountless authentication, a cloud network server may provide a networkID and/or one or more keys to a network device and/or to the accessdevice (e.g., running an application, program, or the like). In somecases, a unique key may be generated for the network device and aseparate unique key may be generated for the access device. The keys maybe specifically encrypted with unique information identifiable only tothe network device and the access device. The network device and theaccess device may be authenticated using the network ID and/or eachdevice's corresponding key each time the network device or access deviceattempts to access the cloud network server.

In some embodiments, a home local area network may include a singlegateway, such as a router. A network device within the local areanetwork may pair with or connect to the gateway and may obtaincredentials from the gateway. For example, when the network device ispowered on, a list of gateways that are detected by the network devicemay be displayed on an access device (e.g., via an application, program,or the like installed on and executed by the access device). In thisexample, only the single gateway is included in the home local areanetwork (e.g., any other displayed gateways may be part of other localarea networks). In some embodiments, only the single gateway may bedisplayed (e.g., when only the single gateway is detected by the networkdevice). A user may select the single gateway as the gateway with whichthe network device is to pair and may enter login information foraccessing the gateway. The login information may be the same informationthat was originally set up for accessing the gateway (e.g., a networkuser name and password, a network security key, or any other appropriatelogin information). The access device may send the login information tothe network device and the network device may use the login informationto pair with the gateway. The network device may then obtain thecredentials from the gateway. The credentials may include a service setidentification (SSID) of the home local area network, a media accesscontrol (MAC) address of the gateway, and/or the like. The networkdevice may transmit the credentials to a server of a wide area network,such as a cloud network server. In some embodiments, the network devicemay also send to the server information relating to the network device(e.g., MAC address, serial number, or the like) and/or informationrelating to the access device (e.g., MAC address, serial number,application unique identifier, or the like).

The cloud network server may register the gateway as a logical networkand may assign the first logical network a network identifier (ID). Thecloud network server may further generate a set of security keys, whichmay include one or more security keys. For example, the server maygenerate a unique key for the network device and a separate unique keyfor the access device. The server may associate the network device andthe access device with the logical network by storing the network ID andthe set of security keys in a record or profile. The cloud networkserver may then transmit the network ID and the set of security keys tothe network device. The network device may store the network ID and itsunique security key. The network device may also send the network ID andthe access device's unique security key to the access device. In someembodiments, the server may transmit the network ID and the accessdevice's security key directly to the access device. The network deviceand the access device may then communicate with the cloud server usingthe network ID and the unique key generated for each device.Accordingly, the access device may perform accountless authentication toallow the user to remotely access the network device via the cloudnetwork without logging in each time access is requested. Also, thenetwork device can communicate with the server regarding the logicalnetwork.

In some embodiments, a local area network may include multiple gateways(e.g., a router and a range extender) and multiple network devices. Forexample, a local area network may include a first gateway paired with afirst network device, and a second gateway paired with a second networkdevice. In the event credentials for each gateway are used to create alogical network, a server (e.g., a cloud network server) may registerthe first gateway as a first logical network and may register the secondgateway as a second logical network. The server may generate a firstnetwork ID and a first set of security keys for the first logicalnetwork. The first set of security keys may include a unique securitykey for the first network device and a unique security key for theaccess device for use in accessing the first network device on the firstlogical network. The server may register the second gateway as thesecond logical network due to differences in the credentials between thefirst gateway and second gateway. The server may assign the secondgateway a second network ID and may generate a second set of securitykeys. For example, the server may generate a unique security key for thesecond network device and may generate a unique security key for theaccess device for use in accessing the second network device on thesecond logical network. The server may associate the first networkdevice and the access device with the first logical network by storingthe first network ID and the first set of security keys in a firstrecord or profile. The server may also associate the second networkdevice and the access device with the second logical network by storingthe second network ID and the second set of security keys in a record orprofile. The server may then transmit the first network ID and the firstset of security keys to the first network device, and may transmit thesecond network ID and the second set of security keys to the secondnetwork device. The two network devices may store the respective networkID and set of security keys of the gateway with which each networkdevice is connected. Each network device may send the respective networkID and the access device's unique security key to the access device. Thenetwork devices and the access device may then communicate with thecloud server using the respective network ID and the unique keygenerated for each device.

Accordingly, when multiple gateways are included in the home local areanetwork, multiple logical networks associated with different networkidentifiers may be generated for the local area network. When the accessdevice is located within range of both gateways in the local areanetwork, there is no problem accessing both network devices due to theability of the access device to perform local discovery techniques(e.g., universal plug and play (UPnP)). However, when the user islocated remotely from the local area network, the access device may onlybe associated with one logical network at a time, which prevents theaccess device from accessing network devices of other logical networkswithin the local area network.

Accordingly, techniques and systems are described herein for determiningconnectivity to a network device to optimize performance for controllingoperation of one or more network devices. In some embodiments, acomputing device (e.g., an access device) can determine connectivity toa network device to determine a manner in which to communicate a requestfor information to the network device. The computing device candetermine whether it has access to a network (e.g., a wireless network),which includes the network device. When the computing device cannotaccess the network, the computing device may communicate with thenetwork device through a remote network. The computing device may alsodetermine whether it has authorization to communicate with the networkdevice on the network. Authorization may be based on the registration ofthe network device to communicate with the computing device. Thecomputing device may identify a type of request by which to obtaininformation, e.g., device information or rule information related tooperation of network devices. When the computing device can access thenetwork to communicate with the network device and when the computing isauthorized to communicate with the network device, then communication(e.g., a request) can occur with the network device using the network orthrough direct transmission to the network device. When the computingdevice does not have access to the network and/or is not authorized tocommunicate with the network device, then the computing device maycommunicate with the network device using a remote network (e.g., acloud network). The remote network may be one by which the computingdevice and the network device are registered for communication.

FIG. 1 illustrates an example of a local area network 100. The localarea network 100 includes network device 102, network device 104, andnetwork device 106. In some embodiments, any of the network devices 102,104, 106 may include an Internet of Things (IoT) device. As used herein,an IoT device is a device that includes sensing and/or controlfunctionality as well as a WiFi™ transceiver radio or interface, aBluetooth™ transceiver radio or interface, a Zigbee™ transceiver radioor interface, an Ultra-Wideband (UWB) transceiver radio or interface, aWiFi-Direct transceiver radio or interface, a Bluetooth™ Low Energy(BLE) transceiver radio or interface, an infrared (IR) transceiver,and/or any other wireless network transceiver radio or interface thatallows the IoT device to communicate with a wide area network and withone or more other devices. In some embodiments, an IoT device does notinclude a cellular network transceiver radio or interface, and thus maynot be configured to directly communicate with a cellular network. Insome embodiments, an IoT device may include a cellular transceiverradio, and may be configured to communicate with a cellular networkusing the cellular network transceiver radio. The network devices 102,104, 106, as IoT devices or other devices, may include home automationnetwork devices that allow a user to access, control, and/or configurevarious home appliances located within the user's home (e.g., atelevision, radio, light, fan, humidifier, sensor, microwave, iron,and/or the like), or outside of the user's home (e.g., exterior motionsensors, exterior lighting, garage door openers, sprinkler systems, orthe like). For example, network device 102 may include a home automationswitch that may be coupled with a home appliance. In some embodiments,network devices 102, 104, 106 may be used in other environments, such asa business, a school, an establishment, a park, or any place that cansupport the local area network 100 to enable communication with networkdevices 102, 104, 106. For example, a network device can allow a user toaccess, control, and/or configure devices, such as office-relateddevices (e.g., copy machine, printer, fax machine, or the like), audioand/or video related devices (e.g., a receiver, a speaker, a projector,a DVD player, a television, or the like), media-playback devices (e.g.,a compact disc player, a CD player, or the like), computing devices(e.g., a home computer, a laptop computer, a tablet, a personal digitalassistant (PDA), a computing device, a wearable device, or the like),lighting devices (e.g., a lamp, recessed lighting, or the like), devicesassociated with a security system, devices associated with an alarmsystem, devices that can be operated in an automobile (e.g., radiodevices, navigation devices), and/or the like.

A user may communicate with the network devices 102, 104, 106 using anaccess device 108. The access device 108 may include anyhuman-to-machine interface with network connection capability thatallows access to a network. For example, the access device 108 mayinclude a stand-alone interface (e.g., a cellular telephone, asmartphone, a home computer, a laptop computer, a tablet, a personaldigital assistant (PDA), a computing device, a wearable device such as asmart watch, a wall panel, a keypad, or the like), an interface that isbuilt into an appliance or other device e.g., a television, arefrigerator, a security system, a game console, a browser, or thelike), a speech or gesture interface (e.g., a Kinect™ sensor, aWiimote™, or the like), an IoT device interface (e.g., an Internetenabled device such as a wall switch, a control interface, or othersuitable interface), or the like. In some embodiments, the access device108 may include a cellular or other broadband network transceiver radioor interface, and may be configured to communicate with a cellular orother broadband network using the cellular or broadband networktransceiver radio. In some embodiments, the access device 108 may notinclude a cellular network transceiver radio or interface. While only asingle access device 108 is shown in FIG. 1, one of ordinary skill inthe art will appreciate that multiple access devices may communicatewith the network devices 102, 104, 106. The user may interact with thenetwork devices 102, 104, or 106 using an application, a web browser, aproprietary program, or any other program executed and operated by theaccess device 108. In some embodiments, the access device 108 maycommunicate directly with the network devices 102, 104, 106 (e.g.,communication signal 116). For example, the access device 108 maycommunicate directly with network device 102, 104, 106 using Zigbee™signals, Bluetooth™ signals, WiFi™ signals, infrared (IR) signals, UWBsignals, WiFi-Direct signals, BLE signals, sound frequency signals, orthe like. In some embodiments, the access device 108 may communicatewith the network devices 102, 104, 106 via the gateways 110, 112 (e.g.,communication signal 118) and/or the cloud network 114 (e.g.,communication signal 120).

The local area network 100 may include a wireless network, a wirednetwork, or a combination of a wired and wireless network. A wirelessnetwork may include any wireless interface or combination of wirelessinterfaces (e.g., Zigbee™, Bluetooth™, WiFi™, IR, UWB, WiFi-Direct, BLE,cellular, Long-Term Evolution (LTE), WiMax™, or the like). A wirednetwork may include any wired interface (e.g., fiber, ethernet,powerline ethernet, ethernet over coaxial cable, digital signal line(DSL), or the like). The wired and/or wireless networks may beimplemented using various routers, access points, bridges, gateways, orthe like, to connect devices in the local area network 100. For example,the local area network may include gateway 110 and gateway 112. Gateway110 or 112 can provide communication capabilities to network devices102, 104, 106 and/or access device 108 via radio signals in order toprovide communication, location, and/or other services to the devices.The gateway 110 is directly connected to the external network 114 andmay provide other gateways and devices in the local area network withaccess to the external network 114. The gateway 110 may be designated asa primary gateway. While two gateways 110 and 112 are shown in FIG. 1,one of ordinary skill in the art will appreciate that any number ofgateways may be present within the local area network 100.

The network access provided by gateway 110 and gateway 112 may be of anytype of network familiar to those skilled in the art that can supportdata communications using any of a variety of commercially-availableprotocols. For example, gateways 110, 112 may provide wirelesscommunication capabilities for the local area network 100 usingparticular communications protocols, such as WiFi™ (e.g., IEEE 802.11family standards, or other wireless communication technologies, or anycombination thereof). Using the communications protocol(s), the gateways110, 112 may provide radio frequencies on which wireless enabled devicesin the local area network 100 can communicate. A gateway may also bereferred to as a base station, an access point, Node B, Evolved Node B(eNodeB), access point base station, a Femtocell, home base station,home Node B, home eNodeB, or the like.

The gateways 110, 112 may include a router, a modem, a range extendingdevice, and/or any other device that provides network access among oneor more computing devices and/or external networks. For example, gateway110 may include a router or access point, and gateway 112 may include arange extending device. Examples of range extending devices may includea wireless range extender, a wireless repeater, or the like.

A router gateway may include access point and router functionality, andmay further include an Ethernet switch and/or a modem. For example, arouter gateway may receive and forward data packets among differentnetworks. When a data packet is received, the router gateway may readidentification information (e.g., a media access control (MAC) address)in the packet to determine the intended destination for the packet. Therouter gateway may then access information in a routing table or routingpolicy, and may direct the packet to the next network or device in thetransmission path of the packet. The data packet may be forwarded fromone gateway to another through the computer networks until the packet isreceived at the intended destination.

A range extending gateway may be used to improve signal range andstrength within a local area network. The range extending gateway mayreceive an existing signal from a router gateway or other gateway andmay rebroadcast the signal to create an additional logical network. Forexample, a range extending gateway may extend the network coverage ofthe router gateway when two or more devices on the local area networkneed to be connected with one another, but the distance between one ofthe devices and the router gateway is too far for a connection to beestablished using the resources from the router gateway. As a result,devices outside of the coverage area of the router gateway may be ableto connect through the repeated network provided by the range extendinggateway. The router gateway and range extending gateway may exchangeinformation about destination addresses using a dynamic routingprotocol.

The gateways 110 and 112 may also provide the access device 108 and thenetwork devices 102, 104, 106 with access to one or more externalnetworks, such as the cloud network 114, the Internet, and/or other widearea networks. In some embodiments, the network devices 102, 104, 106may connect directly to the cloud network 114, for example, usingbroadband network access such as a cellular network. The cloud network114 may include a cloud infrastructure system that provides cloudservices. In certain embodiments, services provided by the cloud network114 may include a host of services that are made available to users ofthe cloud infrastructure system on demand, such as registration andaccess control of network devices 102, 104, 106. Services provided bythe cloud infrastructure system can dynamically scale to meet the needsof its users. The cloud network 114 may comprise one or more computers,servers, and/or systems. In some embodiments, the computers, servers,and/or systems that make up the cloud network 114 are different from theuser's own on-premises computers, servers, and/or systems. For example,the cloud network 114 may host an application, and a user may, via acommunication network such as the Internet, on demand, order and use theapplication.

In some embodiments, the cloud network 114 may host a Network AddressTranslation (NAT) Traversal application in order to establish a secureconnection between the cloud network 114 and one or more of the networkdevices 102, 104, 106. For example, a separate secure TransmissionControl Protocol (TCP) connection may be established by each networkdevice 102, 104, 106 for communicating between each network device 102,104, 106 and the cloud network 114. In some embodiments, each secureconnection may be kept open for an indefinite period of time so that thecloud network 114 can initiate communications with each respectivenetwork device 102, 104, or 106 at any time. In some cases, other typesof communications between the cloud network 114 and the network devices102, 104, 106 and/or the access device 108 may be supported using othertypes of communication protocols, such as a Hypertext Transfer Protocol(HTTP) protocol, a Hypertext Transfer Protocol Secure (HTTPS) protocol,or the like. In some embodiments, communications initiated by the cloudnetwork 114 may be conducted over the TCP connection, and communicationsinitiated by a network device may be conducted over a HTTP or HTTPSconnection. In certain embodiments, the cloud network 114 may include asuite of applications, middleware, and database service offerings thatare delivered to a customer in a self-service, subscription-based,elastically scalable, reliable, highly available, and secure manner.

It should be appreciated that the local area network 100 may have othercomponents than those depicted. Further, the embodiment shown in thefigure is only one example of a local area network that may incorporatean embodiment of the invention. In some other embodiments, local areanetwork 100 may have more or fewer components than shown in the figure,may combine two or more components, or may have a differentconfiguration or arrangement of components.

Upon being powered on or reset, the network devices 102, 104, 106 may beregistered with the cloud network 114 and associated with a logicalnetwork within the local area network 100. FIG. 2 illustrates an exampleof a process 200 for registering one or more network devices, such asthe network devices 102, 104, 106 illustrated in FIG. 1. When multiplenetwork devices 102, 104, 106 and gateways 110, 112 are included withina local area network, the network devices and/or gateways may beinstalled at different times, resulting in the techniques described withrespect to FIG. 2 possibly occurring for each network device and/orgateway at different points in time. For example, a user may installnetwork device 102 at a first point in time on a first floor of theuser's house. Gateway 110 may also be located on the first floor,resulting in the network device 102 pairing with gateway 110. The usermay later install gateway 112 and network device 106 on a second floorof the user's home, resulting in the network device 106 pairing withgateway 112.

At 202, a network device may detect one or more gateways upon beingpowered on or reset. In some embodiments, a provisioning process mayoccur when the network device is powered on or reset and detected by anaccess device (e.g., access device 108). During the provisioningprocess, the access device may directly communicate with the networkdevice. In some embodiments, direct communication between networkdevices (e.g., network devices 102, 104, 106) and access device (e.g.,access device 108) may occur using various communications protocols,such as Universal Plug and Play (UPnP), Bluetooth®, Zigbee®,Ultra-Wideband (UWB), WiFi-Direct, WiFi, Bluetooth® Low Energy (BLE),sound frequencies, and/or the like.

The provisioning process may include pairing the network device with agateway and registering the gateway, network device, and access devicewith a server, such as a server located within the cloud network 114.For example, upon being powered on or reset to factory settings, thenetwork device may send or broadcast identification information to oneor more access devices. The identification information may be sentduring a discovery process. For example, the identification informationmay be sent in response to a discovery request from an access device. Insome cases, the identification information may include a name of thenetwork device.

An application, program, or the like that is installed on and executedby the access device may receive the identification information from thenetwork device. When the application on the access device is launched bya user, the access device may display the identification information forselection by the user. Once the network device identificationinformation is selected, the access device may send a signal to thenetwork device indicating that it has been selected. The network devicemay then send to the access device a list of gateways that are detectedby the network device. The access device may receive and display thelist of gateways. In some embodiments, the list of gateways includesmultiple gateways (e.g., gateways 110 and 112) that are located withinthe local area network. The user may select the gateway that the userwishes for the network device to pair. For example, the gateway thatprovides the best signal strength for the network device may beselected. The access device may then prompt the user to enter logininformation that is required for accessing the network signals providedby the selected gateway. For example, the login information may be thesame information that was originally set up to access the gatewaynetwork signals (e.g., when the gateway was initially installed). Onceentered, the access device may send the login information to the networkdevice. The network device may use the login information to pair withthe selected gateway. As one example, network device 102 and networkdevice 104 may be paired with gateway 110, and network device 106 may bepaired with gateway 112.

Once paired with a gateway, the network device may be registered with acloud network (e.g., cloud network 114). For example, the access device(e.g., via the application, program, or the like) may instruct thenetwork device to register with the cloud network upon receivingconfirmation from the network device that it has been successfullypaired with a gateway. At 204, the network device may obtain credentialsfrom the gateway as part of the registration process. For example,network device 102 may obtain credentials from gateway 110. At a same orlater point in time, network devices 104 and 106 may obtain credentialsfrom gateways 110 and 112, respectively. In some embodiments, thecredentials may include a SSID of the local area network and a MACaddress of the gateway. An SSID received from two gateways (e.g.,gateways 110, 112) may be the same due to the gateways both being withinthe same local area network. In some cases, the SSID of the two gatewaysmay be different. The MAC address of each of the gateways may be uniqueto each gateway. As a result of each gateway having a unique MACaddress, the credentials obtained from a gateway may be unique to thatparticular gateway. One of ordinary skill in the art will appreciatethat other credentials may be obtained from a gateway, such as anInternet Protocol address, or the like.

The network device may then send the gateway credentials to the cloudnetwork at 206. For example, the network devices 102, 104, 106 may sendcredentials for the gateway with which each is paired to the serverlocated within the cloud network 114. For example, network device 102may transmit the credentials obtained from gateway 110 to the server,and network device 106 may transmit the credentials obtained fromgateway 112 to the server. In some embodiments, the network device mayalso send information relating to the network device (e.g., MAC address,serial number, make, model number, firmware version, and/or an interfacemodule identifier, or the like) to the server, and/or informationrelating to the access device (e.g., MAC address, serial number,application unique identifier, or the like) to the server. In someembodiments, the communication of the credentials, the network deviceinformation, and/or the access device information sent from the networkdevice to the cloud network server may be in a Hypertext TransferProtocol (HTTP) format, a Hypertext Transfer Protocol Secure (HTTPS)format, a secure Transmission Control Protocol (TCP) format, or thelike. One of ordinary skill in the art will appreciate that othercommunication formats may be used to communicate between the networkdevice and the cloud network server.

Once the credentials, network device information, and/or access deviceinformation are received by the server, the server may register eachgateway as a logical network within the local area network and maygenerate a network ID for each logical network. For example, the servermay register the gateway 110 as a first logical network. During theregistration process, the server may generate a first network ID foridentifying the first logical network. As noted above, one of ordinaryskill in the art will appreciate that any number of gateways may bepresent within the local area network, and thus that any number oflogical networks may be registered for the local area network. Theserver may further generate a first set of security keys forauthenticating the network device and the access device. For example,the server may generate a unique key for the network device 102 and aseparate unique key for the access device 108.

In some embodiments, as previously described, network device 104 mayalso be paired with gateway 110 at the same or a later point in time asthe network device 102. During registration of the network device 104,the server may determine that the access device 108 has already beenregistered with another network device (e.g., network device 102) thatis associated with the same logical network of gateway 110. In suchembodiments, the server may retrieve the first network ID that was usedin registering the first logical network. The server may also generate anew unique security key for the network device 104, and may retrieve theunique key that was previously generated for the access device 108 whenregistering the gateway 110 as the first logical network.

The gateway 112 may also be registered by the server as a second logicalnetwork with a second network ID. A second set of security keys may begenerated for the network device 106 and the access device 108. Forexample, the server may generate a unique security key for the networkdevice 106 and a unique security key for the access device 108 as itrelates to the second logical network. In some embodiments, the gatewaymay 112 be installed at a later point in time after the gateway 110 isinstalled, and thus may be registered as the second logical network atthe later point in time.

A record or profile may then be created for associating each network IDwith the credentials of a corresponding gateway, the correspondingnetwork device(s), and the access device. For example, the server of thecloud network 114 may associate the first network ID with thecredentials of gateway 110. Similarly, the server may associate thesecond network ID with the credentials of gateway 112. In someembodiments, the server performs the association by generating andstoring a record including the network ID, the set of security keys, thegateway credentials, the network devices associated with the network ID(e.g., MAC address or serial number of a network device), the accessdevices associated with the network ID (e.g., MAC address, serialnumber, application unique identifier, or the like), and/or any otherinformation relevant to the network devices and/or gateways. Forexample, the server may store the first network ID and the first set ofsecurity keys in a first record at a first memory space (e.g., in Flash,DRAM, a database, or the like) along with the SSID and MAC address forgateway 110 and an identifier of the network devices 102 and/or 104. Theserver may also store the second network ID and the second set ofsecurity keys in a second record at a second memory space along with theSSID and MAC address for gateway 112 and an identifier of the networkdevice 106. In some embodiments, an example of a network deviceidentifier may include a MAC address of the network device, a serialnumber of the network device, or any other unique identifier.

Each of the first and second network IDs may include a unique number oralphanumeric string generated sequentially or randomly. For example, thefirst time a network device and an associated gateway are registered onthe cloud network 114, the unique network ID for the logical network ofthe gateway may start with 7000000. Each subsequent logical network thatis created may be a sequential increment of the initial network ID(e.g., 7000001, 7000002, 7000003, etc.). As another example, the networkID may be generated by a random or pseudo-random number generator. Oneof ordinary skill in the art will appreciate that other techniques forgenerating a unique ID may be used. The technique used to generate thenetwork IDs may be dependent on a type of database that is included inthe cloud network 114. For example, different databases may havedifferent proprietary mechanisms for creating a unique identifier.

The set of keys generated for each logical network may be generatedusing database specific technique. For example, a MySQL technique may beused to generate the sets of keys. Each key may include a universallyunique identifier (UUID) or a globally unique identifier (GUID). Asdescribed above, for each logical network, the server may generate aunique key for a network device and a separate unique key for an accessdevice.

At 208, the network device may receive the network ID and the set ofsecurity keys. For example, once the server has generated a record orprofile associating the network device 102 with the first logicalnetwork, the server may transmit the first network ID and the first setof security keys to the network device 102. The network device 102 maystore the first network ID and one or more keys of the first set ofkeys. For example, the network device 102 may store the unique securitykey that was created by the server for the network device 102.

As noted previously, the network devices 102, 104, 106 and gateways 110,112 may be installed at different times. For example, in someembodiments, network device 104 may be installed at a point in timeafter the first logical network is created based on the pairing betweengateway 110 and network device 102. In such embodiments, upon beingpowered on, the network device 104 may pair with gateway 110, obtaincredentials from gateway 110, and transmit the credentials to the serverin the cloud network 114 using similar techniques as those describedabove. The server may associate the network device 104 with thepreviously generated first network ID. As described above, the servermay also generate a new unique security key for the network device 104,and may retrieve the unique key that was previously generated for theaccess device 108 when registering the first logical network. Thenetwork device 104 may then receive and store the first network ID andthe security keys from the server.

At 210, the network device may send the network ID and the set ofsecurity keys to the access device. For example, the network device 102may send to the access device 108 the first network ID and the uniquesecurity key generated for the access device 108. The network device 102and the access device 108 may then communicate with the cloud networkserver using the first network ID and each device's unique key. In someembodiments, the network device and the access device may generate asignature using their respective security key. The signature is sent tothe cloud network server along with a communication from the networkdevice or access device. The cloud network server may process thesignature in order to authenticate each device, as described below. Thenetwork device and access device may use different techniques togenerate a signature.

A network device may generate a signature using its uniquely generatedsecurity key. For example, the signature may be expressed as:Authorization=MacAddress”:“Signature”:“ExpirationTime. The Authorizationterm may be an attribute, and the MacAddress, Signature, andExpirationTime terms may include values for the Authorization attribute.In particular, the MacAddress value may include the MAC address of thenetwork device, which may include a unique alphanumeric or numericstring. The network device may retrieve its MAC address from memory andplace it in the MacAddress field. The Signature value may be expressedas: Signature=Base64(HMAC-SHA1(PrivateKey, StringToSign)). The Signaturevalue may include an alphanumeric or numeric string. HMAC-SHA1 is anopen source technique that includes a Hash-based Message AuthenticationCode (HMAC) using a SHA1 hash function. The HMAC-SHA1 technique uses thevalues PrivateKey and StringToSign as inputs. The PrivateKey inputincludes the unique security key that was generated by the server forthe network device. The StringToSign input may be expressed asStringToSign=MacAddress+“\n”+SerialNumber+“\n”+ExpirationTime.Accordingly, the StringToSign input is generated by appending a serialnumber of the network device and an expiration time to the networkdevice's MAC address. The ExpirationTime term may indicate the period oftime for which the signature is valid. In some embodiments, theExpirationTime term may include a current time at which the signature isgenerated plus period of time for which the signature is valid. In oneexample, the ExpirationTime term may be expressed asExpirationTime=Number of seconds since Jan. 1, 1970.

The network device may place the signature in a data packet fortransmission with a communication signal to the cloud network server.The network device may also place the network ID in the data packet. Thesignature and the network ID, if included, may be used by the cloudnetwork server to verify that the network device is associated with thelogical network. In some embodiments, a signature is provided with eachcommunication sent from the network device to the server. Once thesignature is received by the server, the server generates a signatureusing the same expression as that used by the network device. Forexample, the server may retrieve the network device's key and otherrelevant information from storage and generate the signature using thekey and the other information using the expression described above. Theserver then verifies whether the signatures match. Upon determining thatthe signatures match, the server authenticates the network device'scommunication.

An access device may also generate a signature using its uniquelygenerated security key. For example, the access device signature may beexpressed as: Authorization=SDU UniqueId“:”Signature“:”ExpirationTime.The Authorization term may be an attribute, and the SDU UniqueId,Signature, and ExpirationTime terms may include values for theAuthorization attribute. The SDU UniqueId term may include a uniquephone identifier. The SDU UniqueId value may depend on the type ofaccess device that is used and the type of values that may be accessedand/or generated by the type of access device. In some cases, one typeof access device may not allow an application to access a uniqueidentifier of the access device (e.g., a serial number, UUID, or thelike). In such cases, the SDU UniqueId value may include a valuegenerated by an application or program installed on and executed on theaccess device that is used to access the network device. The value maybe unique to the application or program that generated the value. Inother cases, another type of access device may allow an application toaccess a unique identifier of the access device. In such cases, the SDUUniqueId value may include a value that is unique to the access deviceitself, such as a serial number, UUID, or the like. In this example, theaccess device may retrieve the unique value from storage within theaccess device. One of ordinary skill in the art will appreciate thatother unique identifiers may be used to uniquely identify the accessdevice. The Signature value may be expressed as:Signature=Base64(HMAC-SHA1(PrivateKey, StringToSign)). Using thisexpression, the input to the HMAC-SHA1 technique may include aPrivateKey term and a StringToSign term. The PrivateKey input includesthe unique security key that was generated by the server for the accessdevice with regard to a particular logical network. The StringToSigninput may be expressed as StringToSign=UniqueId+“\n”+“\n”+ExpirationTime. The StringToSign value is different from the StringToSign valuegenerated by network device in that no serial number is included.Accordingly, the StringToSign input is generated by appending anexpiration time to the access device's unique identifier. TheExpirationTime term may indicate the period of time for which thesignature is valid, similar to that above for the signature generated bythe network device.

The access device may place the signature in a data packet and maytransmit the data packet to the cloud network server with acommunication signal. The network device may also place the network IDin the data packet. The signature and the network ID, if included, maybe used by the cloud network server to verify that the access device isassociated with the logical network and authorized to communicate withone or more network devices associated with the logical network. In someembodiments, a signature is provided with each communication sent fromthe access device to the server. The cloud server may receive thesignature and may generate a signature using the same expression as thatused by the access device. For example, the server may retrieve theaccess device's key and other relevant information from storage andgenerate the signature using the key and the other information using theexpression described above. The server then verifies whether thesignatures match. Upon determining that the signatures match, the serverauthenticates the access device and allows it to communicate with one ormore of the network devices associated with logical network.

Once the provisioning process is completed, the access device 108 mayaccess the network device 102 locally via the gateway 110 (e.g.,communication signal 118) or remotely via the cloud network 114 (e.g.,communication signal 120). In some embodiments, the communicationbetween the access device 108 and the cloud network 114 may be a HTTP orHTTPS communication. One of ordinary skill in the art will appreciatethat other communication mechanisms may be used to communicate betweenthe access device 108 and the cloud network 114.

The network 100 may enable a user to monitor and/or control operation ofthe devices 102 and 104. For example, a user may monitor and/or controloperation of devices by interacting with a visual interface of thegateway 110 (i.e., a web page for gateway 110) and/or a visual interfacerendered on a display of an access device, such as access device 108. Insome embodiments, an application may be run on the access device. Theapplication may cause the access device to present a graphical interfacethat includes a visual interface for each device accessible on thenetwork 100.

A network device may generate and/or provide a “status” of the networkdevice. In certain embodiments, the status or state of a network devicecan be indicated on a visual interface on the access device, for examplewithin the tile with text and/or graphically. The status of the networkdevice can change based on time (e.g., a period, an interval, or othertime schedule). The status of a network device may be any piece ofinformation pertinent to that particular network device. The status of anetwork device may be any changeable variable of that particular networkdevice. For example, the status of a network device may include a stateof the network device itself (e.g., on or off) or how the network deviceis situated within the network with respect to the other network andother network devices throughout the network. For example, the status ofa network device may refer to the network device's proximity to anothernetwork device and/or its ability to communicate with another networkdevice because of the relative signal strength between the two networkdevices. In certain embodiments, the status can include a value or someother information indicating a unit of measure for a setting or anattribute related to operation of a device connected to the networkdevice. The setting or the attribute can be adjustable within a range ofvalues. For example, the device connected to the network device can be alight bulb and the status can include a value corresponding tobrightness (e.g., a percentage of total brightness) emitted by the lightbulb when the light bulb is powered-on. In another example, the devicecan be a motion sensor and the status can include a value correspondingto sensitivity of the sensor in a range of values between 0 to 100 whenthe sensor is powered on. In yet another example, the device can be afan and the status can include a value corresponding to a speed of thefan on a scale of 0 to 100 when the fan is powered-on.

As described above, upon being powered on or reset, the network devices102 and/or 104 may be registered with the cloud network 114 andassociated with a logical network within the local area network 100.Similarly, upon being powered or switched off or otherwise beingdisconnected from the network 100, the status of the-network device 102would be known and stored by a cache (not shown) associated with thenetwork 100. For example, cloud network 114 may include storage (e.g.cache) that stores the status of the network devices within each localarea network 100 it is connected to and/or provides access to. Inanother example, the gateway 110 may include storage that stores thestatus of the network devices within each local area network it isconnected to and/or provides access to. More specifically, the statusstored in the cache may include a status table which indicates thecurrent status of each network device (as of its last communication witheach network device). A status table may include all statuses of eachnetwork device, or individual storage tables for each local area networkor other subset of its network devices/networks. In one embodiment, achange in status may prompt the-network device to push its change instatus to the cloud network 114 for storage or updating of the cloud'sstored status table. In another embodiment, cloud network 114 and/orgateway 110 may continuously (or periodically) communicate witheach-network device to check to see if its status has changed.

In some embodiments, a network device (e.g. network device 102 and/or104) may, upon connecting to the local area network 100, check thestatus of the network devices on the network 100. In other embodiments,one network device may check the status of one or more of the othernetwork devices on the network 100. The network device may seek to checkthe status of another network device or access device for variousreasons, including to display such status(es) to a user on a display orotherwise, to check whether that network device belongs to the samenetwork, to synchronize or coordinate any scheduled executions, toupdate an attribute based on adjustment received among others. Forexample, a network device or user may desire to check various statuseson a connected device, such as power level, timestamped activity history(e.g. temperature for a thermostat, motion for a motion detector, etc.),how long it has been active/turned on, attributes for operation of theconnected device (e.g., a brightness of a lamp, a speed of a fan, or asensitivity of a sensor, etc.), among many others.

In some embodiments, a device, such as the access device 108 shown inFIG. 1 or the gateway 110, connected to the network 100 can communicatean updated status of a network device, such as the network devices 102and/or 104. The updated status can be communicated via the network 100and can include an adjustment that affects a status of the networkdevice. The adjustment can include an amount of change to one or moreattributes, one or more settings, or a combination thereof related tooperation of the network device connected to the network 100. The accessdevice 108 or the gateway 110 can present a graphical interface that canreceive input corresponding to an adjustment to a status of a device. Insome embodiments, the updated status of the network device communicatedto the network 100 can be received by a network device to which theupdated status applies, or can be received by the gateway 110, the cloudnetwork 110, or any other device in communication with the network. Ifthe device cannot directly receive the updated status, it can alsoreceive the updated status from the cloud network 114, the gateway 110,or the other devices in the network 100. In some embodiments, thenetwork device can communicate its updated status to the network 100,which can indicate whether the status has been updated. The updatedstatus can be received by the access device or any other device in thenetwork 100. In some embodiments where the access device is not locatedwithin the network 100, the access device may not immediately receivethe updated status. The updated status can be stored by the cloudnetwork 114 or the gateway 110 for communication to the access device.The status of the network device can indicate whether an adjustment wasmade based on an adjustment in a setting or an attribute transmitted bythe access device. Alternatively, or additionally, the access device canreceive, from any other network device connected to the network 100, astatus update indicating whether the adjustment was in fact made at anetwork device.

A network device seeking to check the status of any other device on thenetwork 100 may communicate with the cloud network 114, to which alldevices on the network 100 are connected either directly or indirectly.Since the cloud network 114 and/or the gateway 110 can store an updatedtable/list of the statuses of each of the network devices 102 and 104within the requesting network's local area network, the cloud network114 and/or gateway 110 may communicate such status data to the networkdevices 102 and 104 and the access device. For example, if networkdevices 102 and 104 were to each turn on and communicate their statusesto cloud network 114, cloud network 114 may analyze the status ofnetwork devices 102 and 104 and communicate to network devices 102 and104 that they are each connected to the same local area network 100.

FIG. 3 illustrates an example of a network 300, according to embodimentsof the present invention. Specifically, the network 300 can be awireless local area network enabling an access device to communicatewith network devices to control adjustment of attributes related tooperation of the network devices. Network 300 includes network device302, network device 304, network device 306, and network device 308. Thenetwork 300 also includes access device 108. In other words, the network300 may be substantially similar to the network 100 except that accessdevice 108 has been turned on near the network 300, to which it isassociated, or has entered an area to which the network 300 can reach.

When access device 108 can enter the network 300 as shown in FIG. 3,access device 108 may be authenticated based on the access device'sauthentication with the logical network or may otherwise commencecommunication with cloud network 114. Access device 108 may alsocommunicate notification of its presence or other information directlyto other network devices 302-308 within network 300, as shown in FIG. 3by communication paths 330. As noted, such communication may includevarious communications protocols, such as Universal Plug and Play(UPnP), Bluetooth®, Zigbee®, Ultra-Wideband (UWB), WiFi-Direct, WiFi,Bluetooth® Low Energy (BLE), sound frequencies, and/or the like. Forexample, access device 108 may communicate to all other devices innetwork 300, including network device 302, network device 304, networkdevice 306, and network device 308, information/data regarding itsstatus. Such status data may include the fact that it is present andturned on, or other status data/information. At any time that networkdevices 302, 304, 306 and 308 recognize that access device 108 ispresent at network 300, the network devices may communicate back toaccess device 108. For example, the network devices may send anacknowledgement (e.g., ACK signal) back to access device 108 to confirmthat they received the status data sent by access device 108. Thenetwork devices may also send their own status data to access device108.

While network devices 302-308 and access device 108 may each receivecommunication from other network devices around the network 300,including the status of each of those network devices, network devices302-308 and/or access device 108 may be continuously scanning network300 (including, for example, running discovery algorithms) to determinewhether any devices within the network have moved, turned on/off orotherwise added to or subtracted from the network 300, or have otherwisechanged statuses.

Since network devices 302-308 and access device 108 may each receivecommunication from other devices around network 300, including thestatus of each of those devices, each network device within network 300may know the status of each other network device in the network 300. Forexample, access device 108 or devices 302-308 may not be required tocommunicate with cloud network 114 in order to obtain one or more ofsuch statuses. Since cloud network 114 is an external network and may beremote from network 300, communication between network devices withinthe network 300 and cloud 114 may take more time than communicationbetween two devices within network 300. For example, communicationbetween devices within network 300 may take anywhere from 1 millisecondto 100 milliseconds, while communication between a device within network300 and the cloud network 114 may take anywhere from 50 milliseconds to1 second or more). Furthermore, if a network device is retrievinginformation from cloud 114, the request must travel from the networkdevice to cloud network 114, and then the information must travel backfrom cloud network 114 to the network device. This process may doublethe latency caused by retrieving information with cloud 114. Therefore,devices within the network 300 may choose to send and receive/retrievestatuses directly with other devices within the network 300 instead ofcommunicating such information via cloud network 114. When a networkdevice receives status data from another network device on the device'slocal area network 300, it may store that status data so that it mayretrieve and use that status data at a later time.

FIG. 4 illustrates an example of a network 400, according to embodimentsof the present invention. The local area network 400 may include networkdevice 302, network device 304, network device 306, network device 308,and access device 108. FIG. 4 also illustrates that one or more networkdevices 302-308 and/or access device 108 may include a storage device,such as a cache, for storing data, including data regarding its ownstatus and data regarding statuses received from the other deviceswithin local area network 400. For example, access device 108 may, afterbeing powered up, broadcast/send its status to network device 308 viacommunication 434. Network device 308 may store the status data receivedfrom access device 108 until the next time access device 108 updates itsstatus by sending new/updated status data to network device 308. Cachemay be used for storage within network devices 302-308 and/or accessdevices within the local area network 400 so that each of the devicesmay be able to quickly retrieve the data it needs from storage. Anapplication operating on the access device 108 can access the cache toobtain information to display the visual interface for each networkdevice 302-308 registered within the network 400. Although a cachingdevice may be used to store such data within the network and/or accessdevices within the local area network 400, other types of storage may beused.

The cache can contain a known interface list including interfaceinformation for different, known types of devices. The known list caninclude a record for each network device known by the access device 108to exist on the network 400. When an application is run on the accessdevice 108, the access device 108 can access the known interfaces in thecache to present the display of access device 108. The display canpresent one or more visual interfaces, each corresponding to a networkdevice known to exist on the network 400. Each visual interface can begenerated based on a visual interface module corresponding to eachdevice on the network 400. In an example, the display can include avisual interface (e.g., a module tile) for each device in the network400 having an interface in the known interface list.

The cache can also contain known status information about each networkdevice in the known device list. When the application is run on theaccess device 108, the access device 108 can access the known statusinformation in the cache to present a status display. The access device108 can populate each tile with an indicator representing the respectiveknown status information for each device in the known device list. Thestatus display can include an indicator of one or more attributes, oneor more settings, or a combination thereof related to operation of eachdevice in the network 400. For example, the status display can include aspeed of a fan (e.g., a fan speed of 56 in a range of values between 0and 100) of the network device 302 (e.g., a fan), a value of sensitivityof a sensor (e.g., a value of 34 in a range of values 0-100) for thenetwork device 304 (e.g., a motion sensor), a value of brightness (e.g.,65 percent brightness) for the network device 306 (e.g., a light bulb),and a value of temperature (e.g. a slow cooker). Although shown ashaving a single indicator for an attribute or a setting related tooperation of a network device, the status display can present aplurality of indicators corresponding to different attributes and/orsettings related to operation of a network device.

In some embodiments, the cache can include other information about anetwork device. The other information can indicate a device's firmwareversion, last known firmware update status, connectivity to cloudstatus, registration status (e.g., whether the network device has a keyor not), and other such information. The cache can include informationthat could be used for troubleshooting. In embodiments described below,the access device 108 can access status information from another otherdevice on the network 400 and can use that information to update its owncache, update the status display, and/or pass the information to thecloud network 114 and/or the gateway 110 for trouble shooting and/orstorage.

Even though each network device may know and store (e.g. in cache) thestate of each other network device within local area network 400, anetwork device may not know when another network device changes status(e.g. turns/powers off). However, network devices and/or access deviceswithin local area network 400 may broadcast/send any updates in itsstatus to other devices on the network. For example, if network device302 changes status, it may send status data to the other networkdevices, such as network devices 304, 306 and 308 and to access device108. However, network device 302 may not know which devices to updatesince the other devices may change statuses periodically (e.g. turnoff).

Therefore, a network or access device may subscribe to another networkor access device within local area network 400. For example, networkdevices 304, 306 and 308 and access device 108 may subscribe to statusdata notifications/updates from network device 302. Such a subscriptionmay be registered for upon initial connection with network device 302when network device 302 first enters local area network 400 or at anyother time after network device 302 has been associated with local areanetwork 400. Subscriptions may be controlled to last indefinitely or mayexpire after a certain predetermined period of time after initialsubscription. However, network devices may re-subscribe to anothernetwork device before or after their previous subscription has expired.

Subscriptions between network device and/or access devices may beregistered, similar to registering a network device upon initialentrance into the local area network, including security registrationsdescribed herein with respect to FIGS. 1 and 2. For example, a networkdevice may send its unique security key, which it may have stored alongwith its network ID after being registered on the network, to a networkdevice to which it wants to subscribe. However, subscriptions may takeon many other forms, including sending a different form ofidentification to a network device to which a network device wants tosubscribe. However, subscriptions may take on many other forms,including sending a different form of identification to a network deviceto which a network device wants to subscribe.

Upon receiving a subscription from another network device or accessdevice, the device being subscribed to may store a list of the devicesthat subscribed to it. For example, network device 302 may store a listof network devices 304, 306 and 308 and access device 108 after thosedevices subscribe to network device 302. Then, when network device 302undergoes a change in status, network device 302 may send that change instatus to only the devices that had previously subscribed to it butwhere the subscription had not yet expired. Furthermore, according tosome embodiments, the subscription list of a network device may beautomatically updated if that device receives notification that anotherdevice has left the range of the local area network, either from thatdevice itself or from a different device. Therefore, the various deviceswithin a given local area network, such as network 400, each containcontinuously updated statuses of each other device on the network andobtain those statuses and updates through direct communication withoutnecessary use of the cloud.

FIG. 5 illustrates an access device 108 that is located remotely fromnetwork 500 (e.g. local area network), according to embodiments of thepresent invention. Local area network 500 includes gateway 110 andnetwork devices 502 and 504 (which may be, for example, the same as anyof network devices 302-308 in FIGS. 3 and 4), as shown in FIG. 5.However, network 500 may also include a variety of other network devicesand one or more access devices directly connected to network 500.Gateway 110 is connected to cloud network 114, and allows networkdevices 502 and 504 to connect to cloud 114, the internet, or otherexternal networks via gateway 110. In some embodiments, the networkdevices 502 and 504 may include home automation devices that allow auser to access, control, and/or configure various home applianceslocated within the user's home, such as a television, radio, light,microwave, iron, and/or the like.

Access device 108 is not directly connected to network 500. Instead,access device 108 is external to network 500 and may connect to cloudnetwork 114 and to network 500 via cloud network 114. As noted, networkdevices 502 and 504 may change status on a periodic basis. In someembodiments, even when external to and not directly connected to network500, an access device may request to check the status of the devices onthe network. When access device 108 seeks to check the status of anydevice on the network, the access device 108 may transmit/send acommunication 536 to the cloud network 114, to which all devices on thenetwork are connected either directly or indirectly via gateway 110.Since the cloud network 114 stores an updated table/list of the statusesof each of the devices within the requesting access device's network,the cloud network 114 may transmit a communication 538 of such statusdata to the access device 108. For example, after network devices 502and 504 are turned on, authenticated and are a part of network 500,network devices 502 and 504 may communicate their statuses to cloudnetwork 114. Furthermore, any time the status of network devices 502 and504 changes, the device that incurred a status change may push/sendinformation (e.g. an indication) of that status change to cloud network114. Cloud network 114 may store, in cache 526 or otherwise, thestatuses (which may be time stamped in metadata or otherwise) of networkdevices 502 and 504. Therefore, when access device 108 requests fromcloud network 114 the statuses of devices on network 500, cloud 114 maysend its most recently stored/updated statuses to access device 108.

To obtain the most updated status data of devices within network 500,cloud 114 may, upon receiving a request for status data related tonetwork devices 502 and 504, transmit/send a communication 532 (e.g.request, query, etc.) for such status data to network devices 502 and504 via gateway 110. Once network devices 502 and 504 receive thisrequest, network devices 502 and 504 may send a communication 534 (e.g.updated status data) to cloud 114 to replace the previouslystored/cached statuses in cache 526. Upon receipt of updated status data534 from network 500, cloud 114 may send a communication 538 of suchstatus data to the access device 108.

However, the process of cloud network 114 requesting updated statusesfrom network devices 502 and 504 within network 500 may cause latencywithin the system. More specifically, the time required for cloudnetwork 114 to request updated statuses from network devices 502 and 504and to in turn, receive updated statuses from network devices 502 and504 may be substantially greater than the time required for cloudnetwork 114 to send its currently stored statuses (without beingupdated) for network devices 502 and 504 to access device 108. Forexample, of the total time required for access device 108 to receiveupdated statuses from cloud network 114, 80% or more of that total timemay include cloud network 114 requesting updated statuses from networkdevices 502 and 504. On the other hand, of the total time required foraccess device 108 to receive updated statuses from cloud network 114,20% or more of that total time may include the status data beingtransmitted from cloud network 114 to access device 108. Since amajority of the process required for access device 108 to request andreceive status data for network devices 502 and 504 is the transmissionof data between cloud 114 and network devices 502 and 504, the accessdevice 108 and cloud network 114 may maximize efficiency by minimizingthe effect of the transmission of data between cloud 114 and networkdevices 502 and 504 on the whole process/system.

FIG. 6 is an illustration of an interface 605 for managing networkdevices in accordance with some embodiments. Interface 605 may beincluded or implemented in a physical interface of a device (e.g.,access device 108). A physical interface may correspond to or include ascreen of the device. The physical interface may include one or moreinteractive elements (e.g., a control or a button) to operate thedevice. For example, an interactive element may include a power buttonthat, when interacted with, causes the device to turn on or off. One ormore interactive elements of the physical interface may cause interface605 to be presented. All or part of interface 605 may be displayed aspart of or in response to execution of an application. For example,interface 605 may be presented when an application is started (e.g.,launched). In some embodiments, interface 605 may present otherinformation (e.g., rule information) related to operation of devices.

In some embodiments, interface 605 may display information (e.g., deviceinformation) about devices, e.g., any of network devices 302, 304, 306,308 or any of network device 502, 504. Interface 605 may be displayed bya device, e.g., access device 108. Interface 605 may include or displaya graphical interface. Interaction with interface 605 may causeinformation about network devices to be displayed. For example,interaction with interactive element 618 (“Devices”) may cause deviceinformation to be presented in interface 605. In some embodiments,interface 605 may present information associated with a network devicewhen the network device is discovered or rediscovered on a network(e.g., local area network 300). As will be described below, interface605 may be presented based on information stored by a computing device,e.g., a computing device described with reference to FIG. 8.

In some embodiments, information presented in interface 605 may bereceived from a network device, e.g., network device 302. A computingdevice that presents interface 605 may request information (e.g., deviceinformation) from a network device. The information may be received inresponse to a request to the network device or may be provided by thenetwork device without sending a request to the network device. Therequest may be sent to the network device based on one or more criteria.One criterion may include determining whether the computing device hasaccess to the network device via a network. The network may be a localnetwork (e.g., a wireless network), which includes the network device.The network may be a remote network (e.g., a cloud-based network and/ora mobile communication network) that provides access to the localnetwork for communication with network devices on the local network.

Access to a local network that includes one or more network devices maybe based on connectivity to the local network. A device (e.g., an accessdevice) that provides interface 605 may communicate with a networkdevice on a local network when the access device has connectivity to thelocal network. The access device may communicate with the network deviceon the local network using a remote network when the access device doesnot have connectivity to the local network. In some embodiments, theaccess device may communicate with a network device using a remotenetwork and a local network, when connectivity to both types of networksexists. The access device may choose the local network to improve thereliability and speed of communication with the network device. In someembodiments, an access device may communicate with the network deviceselectively using either or both of the local network and the remotenetwork event when the access device has connectivity to the localnetwork. As described further below, the access device can determineconnectivity to a local network based on one or more factors, such aswhether the access device is authorized to communicate with the networkdevice using the local network, whether the access device has access tothe local network, or whether the access device supports communicationusing a communication protocol supported by the network device using thelocal network. A network device may communicate a response to the accessdevice using the same or a different network based on connectivity tothe local and/or the remote networks.

In FIG. 6, interface 605 may display modular tiles 602, 604, 606 forinteracting with network devices in a network. Modular tile 602, modulartile 604, and modular tile 606 may correspond to network device 302,network device 304, and network device 306, respectively. A modular tilemay enable interactions to monitor and/or control operation of a devicecorresponding to the modular tile. Interaction with a modular tile mayenable a user to initiate one or more actions in addition to operating adevice corresponding to the modular tile. The additional action(s) mayoffer enhanced functionality that may not be available from a typicalinterface (e.g., a graphical interface or physical interface) thatenables a user to control operation of a device.

A modular tile may include interactive areas and/or interactive elementsto enable interaction with the modular tile. Modular tiles 602, 604, 606may each include respective icons 650, 652, 654, and respective names640, 642, 644 corresponding to a network device. For example, modulartile 602 corresponds to network device 302 and includes an interactiveelement depicted as a power button 630 for turning device 302 on andoff. In another example, modular tile 604 corresponds to network device304 and includes an interactive element depicted as a power button 632for turning network device 304 on and off. In another example, modulartile 606 corresponds to network device 306 and includes an interactiveelement depicted as a power button 634 for turning network device 306 onand off.

An interactive element shown as a control (e.g., power button) may bedisplayed based on a state of the network device corresponding to thecontrol. An appearance of the interactive element may be altered to bevisibly illuminated, colored, shaded, bolded, animated, modified to adifferent shape, or a combination thereof. Although depicted as acorresponding to a single network device, each modular tile maycorrespond to multiple network devices, or a group of network devices.For purposes of illustration, a modular tile may be described herein asenabling control for operation of a network device. However, in someembodiments, a modular tile may enable control for operation of multiplenetwork devices, some or all of which may be different.

Due to the different in latency of communication with a network devicevia a local network and a remote network, communication between anaccess device and a network device may be impacted. As a result, theappearance and/or functionality of an interactive element correspondingto a network device can be affected based on a response to an actionrequested for a network device. When a request to operate a networkdevice encounters a delay during communication via a remote network, theaccess device may be unable to provide a user with notice about thestatus of the request.

To minimize the negative or diminishing effect on user experiences withcontrolling network devices using the interface 605, an access devicecan modify the appearance and/functionality of an interactive elementbased on determining its connectivity to a network device correspondingto the interactive element. Such techniques may be useful to enable theaccess device to provide a better indication of a response time, statusof a request, or connectivity to a network device.

In one example, when an access device only has connectivity to a networkdevice via a remote network, and not a local network including thenetwork device, the access device can automatically alter the appearanceof an interactive element in interface 605 for the network device basedon the connectivity. The appearance may provide a user with anindication of the response time for controlling a network device,thereby minimizing the negative user experience based on response time.Upon requesting operation of a network device, the interactive elementcorresponding to that network device can be modified to show an inprogress notification based on the type of connectivity to the networkdevice. For example, when the connectivity to a network device is via aremote network, which may result in a longer communication time, anappearance of an interactive element may indicate a delay or in progresswhen a request is sent to the network device. In another example, whenthe connectivity to a network device is only via a local network, anappearance of an interactive element for the network device may indicatea change in status immediately when an operation is requested. Via thelocal network, response times are shorter, so the access device mayanticipate an immediate response. Using techniques described herein, anaccess device can determine connectivity to a network device via localand/or remote networks so as to determine when and what to indicate as astatus of a request based on the connectivity used to access the networkdevice. Because many users demand feedback upon interacting withinterface 605, factoring in the type of connectivity to a network devicecan better enable the access device to provide a more accurateindication of the status of a request to the network device. Knowncommunication characteristics of different types of networks (e.g., alocal network or a remote network) can be considered when determiningthe status to indicate for a network device based on the connectivity toa network device.

In some embodiments, a modular tile may be customizable by developersand/or manufacturers of the corresponding network devices. For, example,name 640 of modular tile 602 is customized to indicate the name of aspecific switch (e.g., “Switch 1”). Additionally or alternatively, amodular tile may convey status information about a corresponding networkdevice or network devices, including, but not limited to, a firmwareversion, a last known firmware update status, status for connectivity toa cloud network, registration status (i.e., an indication that thenetwork device has a key or does not), a primary mode of the networkdevice (i.e., on, off), a secondary mode of the network device (i.e.,standby, high, low, eco), other modes of operation, a schedule, a scenethat is enabled using the network device, settings (e.g., speed orsensitivity) for the network device, one or more attributes (e.g.,brightness) related to operation of the network device, additionalactions that have been initiated based on interaction with a modulartile, rules that may be in effect for the network device or related tooperation of the network device, or a combination thereof.

Each of modular tiles 602, 604, 606 may be chosen and displayed based onthe type and/or capabilities of a network device (e.g., network devices302-306). Interface 605 may be flexible and may dynamically display themost appropriate modular tile 602 based on an environment in which theapplication executes. For instance, interface 605 may enable a mechanismin which a user may pre-configure a modular tile to display anappropriate message for a network device.

FIG. 6 shows that interface 605 may include interactive elements (e.g.,selectable icons and links) 614, 616, 618, 620, 622, and/or 624 outsideof modular tiles 602, 604, 606. For example, refresh icon 614 may beselected to refresh information presented in interface 605, such as, forexample, status and state information displayed in modular tiles 602,604, 606. For instance, one or more of the statuses for each of modulartiles 602, 604, 606, respectively, may be refreshed on an automatic,periodic basis, in addition to being manually updated when refresh icon614 is interacted with (e.g., selected). In some embodiments,interaction with refresh icon 614 may cause interface 605 to be updatedwith modular tiles corresponding to network devices identified on anetwork (e.g., the network 100). A computing device that displaysinterface 605 may perform discovery of the network devices on a network.In one example, the computing device may receive information fromanother network device, e.g., gateway 104. Such information may includedevice information about network devices discovered on a network.

In some embodiments, interface 605 may include an edit link 616.Interaction with edit link 616 may enable one or more of modular tiles602, 604, 606 to be editable. For example, edit link 616 may be selectedto sort or re-order the sequence of modular tiles 602, 604, 606displayed in interface 605. Upon interaction with edit link 616, one ormore of modular tiles 602, 604, 606 may be interacted with to bedisabled or removed. Devices icon 618 may be selected to cause interface605 to be displayed with one or more network devices that are discoveredin a network.

In some embodiments, interface 605 may include a rules icon 620.Interaction with rules icon 620 may enable a graphical interface thatenables customization of display rules pertaining to the networkdevices. The graphical interface may provide one or more interactiveelements to control one or more rules related to control of the networkdevices (e.g., network devices 302, 304, 306). In some embodiments,interaction with rules icon 620 may enable a graphical interface toenable a user to configure rules, modes, notifications, additionalactions, or combinations thereof. The graphical interface may bepresented in interface 605 or may be shown separately from interface605. An embodiment of such a graphical interface presented uponinteraction with rules icon 620 is described with reference to FIG. 7.

In some embodiments, interface 605 may include a news icon 622.Interaction with news icon 622 may enable a graphical interface to bedisplay which presents news including information associated with thenetwork devices and/or the applications. For instance, interaction withnews icon 622 may cause a graphical interface to be displayed in theaccess device to present information related to the network devicescontrolled via modular tiles 602, 604, 606 and/or information relevantto the application, such as notifications of available tile updates.

In some embodiments, interface 605 may include a more icon 624.Interaction with more icon 624 may provide one or more additionalgraphical interfaces to enable access to additional features forcontrolling and/or monitoring the network devices in a network. Forexample, an additional graphical interface may be displayed to controlone or more settings and/or attributes of any network devices connectedto a network. In another example, an additional graphical interface maybe displayed to configure secondary options to be initiated by aninterface used to control a network device.

Described below with reference to FIGS. 8-10 are techniques fordetermining connectivity to network devices. Such techniques may beuseful to enable a computing device (e.g., an access device) to optimizeperformance for controlling operation of the network devices.Performance for controlling operation of network devices may be improvedby reducing response time for sending information to a network device tocontrol operation of the network device. Controlling operation ofnetwork devices may include presenting information about the networkdevices in an interface, such as interface 605. As such, the informationdisplayed in interface 605 may enable a user to choose a device tocontrol.

The techniques for determining connectivity to network devices mayenable the computing device to determine a faster and/or more efficientcommunication path to a network device to obtain device information. Afaster communication path may enable the information about networkdevices to be received faster, thereby enabling such information to bepresented sooner. A reduction in wait time for device information mayenable a user to receive status about network devices. Such animprovement can improve user experience by reducing the time for a userto be presented with status information used to decide how to control anetwork device.

FIG. 7 is an illustration of an interface 705 for displaying rules forcontrolling operation of network devices in accordance with someembodiments. Interface 705 may be displayed by a device, e.g., accessdevice 108. Interface 705 may include or display a graphical interface.Interface 705 may include references to elements described withreference to FIG. 6.

In the example shown in FIG. 7, interface 705 may be presented inresponse to interaction with interactive element 620. Interface 705 maypresent rules information associated with one or more network devices,e.g., any of network devices 302, 304, 306, 308 or any of network device502, 504. Interface 705 may be presented as part of an application.Interface 705 may be presented when an application is started.

In some embodiments, interface 705 may present information associatedwith a network device when the network device is discovered on a network(e.g., the local area network 300). In some embodiments, the informationmay be presented in interface 705 upon receiving input indicatinginteraction with the interactive element 620 (“Rules”). As will bedescribed below, interface 705 may be presented based on informationreceived from a computing device, such as a computing device describedwith reference to FIG. 8. The information presented in interface 705 maybe stored by the computing device. The computing device may provide theinformation in response to a request by access device 108. In doing so,the computing device may reduce communication time for the access deviceto receive current information, thereby enabling the access device toimprove responsiveness for presenting the rule information associatedwith network devices in interface 705.

In certain embodiments, interface 705 may present one or more graphicalinterfaces with information indicating one or more criteria (e.g., arule) related to operation of one or more devices. For example,interface 705 may display modular tiles 702, 704, 706, eachcorresponding to a one or more criteria related to operation of one ormore network devices. For example, each of modular tiles 702, 704, 706may correspond to one or more rules related to operation of one or morenetwork devices. In some embodiments, a modular tile may correspond to arule related to operation of a group of network devices. Modular tile702, modular tile 704, and modular tile 706 may each correspond to arule for operation network device 302, network device 304, and networkdevice 306, respectively. For example, modular tile 702 may display oneor more criteria indicating that network device 302 is scheduled to beoperated (e.g., powered on) between 8 am and 8 pm daily. In anotherexample, the modular tile 704 may display one or more criteriaindicating that network device 304 is to be operated (e.g., powered on)on a particular date (e.g., July 26^(th)). In another example, modulartile 706 may display one or more criteria indicating that network device306 is to be turned on at sunset. In some embodiments, a modular tilemay be interactive to enable it to be moved in relation to anothermodular tile. In such instances, a rule corresponding to each modulartile may be joined to form a new rule based on the rules of each modulartile that is combined.

In some embodiments, a modular tile, such as any one of modular tiles702, 704, 706 may be interactive such that interaction with the modulartile may cause another graphical interface to be displayed. Thegraphical interface may present information about a rule correspondingto the modular tile. In some embodiments, the graphical interface mayinclude one or more interactive elements to edit or remove a rulecorresponding to the modular tile.

The information (e.g., a rule) presented in any of modular tiles 702,704, 706 may be determined based on information stored by the accessdevice. Updates to information presented in a modular tile may bereceived by a computing device described with reference to FIG. 8. Eachof modular tiles 702, 704, 706 may be updated or deleted and new modulartiles may be added based on updates to rules stored by the computingdevice. In some embodiments, interface 705 may include interactiveelements to configure a rule corresponding to each of the modular tiles702, 704, 706. Interface 705 may include interactive elements to createnew rules.

In some embodiments, a device that displays interface 705 may determineconnectivity to a network device corresponding to one or more rules tobe presented in interface 705. The device may determine connectivity toa network device to improve optimization for controlling operation ofthe network device. Connectivity may be determined by implementingtechniques such as those described above and those described furtherbelow. For example, the device may determine connectivity to a networkdevice to obtain rules information for operation of network devices. Bydetermining the connectivity to the network device, the device mayimprove response time for receiving rule information. Such animprovement may enable the device to improve response time forcontrolling operation of devices based on the rule information.

In some embodiments, interface 750 may include an interactive element730 (e.g., “More”), which causes interface 750 to present informationabout one or more additional rules. The information about an additionalrule may be displayed using a modular tile as described herein.

Now turning to FIG. 8, a block diagram of a computing device 800 forcaching information associated with network devices is shown inaccordance with some embodiments. In particular, computing device 800may store information associated with network devices (e.g., networkdevice 302, network device 304, network device 306, and/or the networkdevice 308) in cache 850.

The computing device 800 may store information 860 in cache 850.Information 860 may be associated with one or more of the networkdevices. Information 860 may include one or more criteria 862 related tooperation of one or more network devices (e.g., a network device).Criteria 862 may include factors for operating one or more devices(e.g., an “operation criterion”). For example, an operation criterionmay indicate a value for an attribute, a setting, a mode, or the likerelated to operation of a network device. Criterion 862 may include acriterion indicating an instruction for controlling operation of one ormore network devices (e.g., an “instruction criterion”). For example, aninstruction criterion may indicate one or more conditions for applyingoperation criterion. Criterion 862 may include a rule. A rule may bebased on either or both of an instruction criterion and an operationcriterion. A criterion may be based on, for example, time, date,weather, geographical location, an event, or combinations thereof.

Information 860 may include device information 864 (e.g., “devicelist”). Device information 864 may include information corresponding toone or more network devices connected to a network. For example, deviceinformation 864 may include a device list. The network may include anetwork to which computing device 800 is connected. In some embodiments,device information 864 may include an identifier (e.g., a deviceidentifier) corresponding to each network device on the network, adevice address (e.g., a device IP address), other information about thenetwork device, or combinations thereof. Device information 864 mayinclude operation information corresponding to information about anetwork device. Operation information may include a type of a device, anattribute of a device, a setting of the device, a state of a device,connectivity of a device to a network, or combinations thereof.

Information 860 may include status information 866. Status information866 may include information related to a status of one or more networkdevices connected to a network. Status information 866 may be based onstatus data received from one or more network devices. Statusinformation 866 may include other status information about networkdevices, e.g., current information related to operation of each networkdevice. For example, status information 866 may include a current valueof a setting of a network device, a current value of an attribute of anetwork device, a current state of a network device, a current mode of anetwork device, a current value of a configuration of a network device,status information described with reference to FIGS. 3-5, orcombinations thereof.

Information 860 may include other information 868 related to one or morenetwork devices connected to a network. Such information 868 may includeregistration information (e.g., a security key) for a network deviceconnected to a network. Information 868 may be received from a networkdevice. Other information 868 may include information communicatedbetween network devices.

In some embodiments, information 868 may include display and controlinformation about states of operation of network devices. The displayinformation may be based on one or more factors related to networkconnectivity, such as a type of network connection (e.g., connection viaa local network or a remote network) to a network device. Computingdevice 800 can determine an appearance and/or functionality of aninteractive active element for a network device based on the displayinformation and determining network connectivity to the network deviceusing techniques disclosed herein.

In certain embodiments, computing device 800 may include or beimplemented as an access device, a network device (e.g., the networkdevice 102), a router, a gateway (e.g., the gateway 110), a hub device,a repeater device, a range extender, an access point, a bridge, a basestation, a Node B device, eNode B device, an access point base station,a Femtocell device, a modem, any other device that provides networkaccess among one or more computing devices and/or external networks, thelike, or a combination thereof. Computing device 800 may include a homeautomation device such as one that may be included in network device 102or network device 302. Computing device 800 may include an IoT device.

Computing device 800 may include any human-to-machine interface withnetwork connection capability that allows access to a network. Forexample, computing device 800 may include a stand-alone interface (e.g.,a cellular telephone, a smartphone, a home computer, a laptop computer,a tablet, a PDA, a wearable device such as a smart watch, a wall panel,a keypad, or the like), an interface that is built into an appliance orother device e.g., a television, a refrigerator, a security system, agame console, a browser, or the like), a speech or gesture interface(e.g., a Kinect™ sensor, a Wiimote™, or the like), an internet of things(IoT) device interface (e.g., an Internet enabled appliance such as awall switch, a control interface, or the like). Computing device 800 maybe configured to execute an application, a web browser, a proprietaryprogram, or any other program executed and operated by a computingdevice.

In certain embodiments, computing device 800 may be implemented as oneor more functional blocks or modules configured to perform variousoperations for caching information associated with network devices(e.g., network device 302, network device 304, network device 306,and/or the network device 308). The functional blocks and modules may beimplemented in hardware, firmware, software, or combinations thereof.Computing device 800 may include a communication module 820, aninterface manager 870, a communication manager 810, a request manager830, and authorization manager 840. Computing device 800 may include oneor more interface(s), e.g., interface 880. Interface 880 may include aphysical interface, a graphical interface, other types of interfaces, orcombinations thereof. For example, interface 880 may provide interface605 of FIG. 6 and/or interface 705 of FIG. 7.

Communication module 820 may support communication with other devices,such as a network device (e.g., one or more of network devices 302-308),an access device, or both. Communicate module 820 may supportcommunication with one or more networks, such as a network (e.g., alocal area wireless network) to which one or more network devices areconnected, or a remote network. Communication module 820 may include oneor more wireless transceivers operable to receive and transmit wirelesssignals (e.g., signal 810). Wireless signals may be received andtransmitted via an antenna of computing device 800. Communication module820 may communicate with other devices via a local area network. Thelocal area network may include a wireless network, a wired network, or acombination of a wired and wireless network. Communication module 820may provide network access to other network devices. The network accessmay be of any type of network familiar to those skilled in the art thatcan support data communications using any of a variety ofcommercially-available protocols. In some embodiments, the wirelessnetwork may be any wireless network such as a wireless local areanetwork (e.g., local area network 100), such as WiFi, a PAN, such asBluetooth® or Zigbee®, or a cellular network (e.g. a GSM, WCDMA, LTE,CDMA2000 network). For example, communication module 820 may providewireless communication capabilities for a local area network using acommunications protocol, such as WiFi™ (e.g., IEEE 802.11 familystandards, or other wireless communication technologies, or anycombination thereof). Using a communications protocol(s), communicationmodule 820 may support radio frequencies on which wireless enableddevices in the local area network can communicate.

Communication module 820 may be configured to enable devices (e.g.,network device 302, network device 304, network device 306, and/or thenetwork device 308) to communicate with each other in a local areanetwork (e.g., the network 300). In some embodiments, communicationmodule 820 may provide a device access to one or more external networks,such as a remote network (e.g., cloud network 114), the Internet, and/orother wide area networks.

In some embodiments, communication module 820 may communicate directlywith a network device (e.g., any of the network devices 102-106 or anyof network device 302-208). For example, communication module 820 may beconfigured to communicate directly with a network device. Such directcommunication may occur by use of Zigbee™ signals, Bluetooth™ signals,WiFi™ signals, infrared (IR) signals, or the like. In some embodiments,direct communicate with a device, such as a network device, may occurwhen computing device 800 has authorization to communicate with thenetwork device using a network. Request manager 830 may determineauthorization. In some embodiments, while computing device 800 may beconfigured to communicate with a network device, but computing device800 may be unable to communicate with the network device when computingdevice 800 does not have authorization to communicate with the networkdevice via a network (e.g., a local network 300). Communication module820 may handle communication with a network device and/or a network(e.g., a local network or a remote network). In some embodiments,computing device 800 may communicate with a remote network (e.g., acloud network 114) to communicate with a network device. Suchcommunication may occur when computing device 800 does not have accessto a network including the network device or when computing device 800does not have authorization to communicate with the network device via anetwork including the network device.

In some embodiments, communication module 820 may send and receiveunicast transmissions. For example, communication module 820 may send aunicast transmission directly to another network device. The unicasttransmission may include a request for information, such as any type ofinformation, e.g., criteria 862, device information 864, statusinformation 866, or other information 868, associated with a device. Anetwork device may be identified using device information 864corresponding to a network device to which the communication isdirected. In another example, communication module 820 may receive aunicast transmission from another network device. A unicast transmissionmay be routed through another network device, such as gateway 110.Communication module 820 may support unicast transmission using userdatagram protocol (UDP), TCP, HTTP, HTTPS, or other suitable protocols.

In some embodiments, communication module 820 may send and receivetransmissions broadcasted via a network to which computing device 800 isconnected. The transmissions may include multicast transmissions and/orbroadcast transmissions. Communication module 820 may communicate usingUDP, UPnP, or other suitable protocol.

Communication manager 810 may manage communication with devices.Specifically, communication manager 810 may determine communicationcapabilities of computing device 800 and may use such capabilities todetermine whether a network, a device, or both are accessible tocomputing device 800. Communication manager 810 may be implemented asone or more functional blocks or modules configured to perform variousoperations for communication manager 810. Communication manager 810 mayinclude a communication capabilities detector 812 and an accessdeterminer 814.

Communication capabilities detector 812 may detect communicationcapabilities of computing device 800. Such information may be providedby communication module 820. Communication capabilities detector 812 maydetermine whether computing device 800 has a capability to communicate,either using wireless communication or wired communication, with anetwork and/or a network device. Communication capabilities detector 812may determine communication capabilities based on a type of computingdevice 800 and/or other information stored by computing device 800 thatindicate its communication capabilities. In some embodiments, acommunication capability may be determined based one or more protocolssupported for communication. A communication capability may include acommunication protocol that is supported by communication module 820 forcommunication with a network, a network device, or combinations thereof.In some embodiments, a communication capability may include the abilityto communicate with a discovered network or device. Communicationcapabilities detector 812 may determine capabilities based on a type ofnetwork and/or network device that is discovered. It can determinewhether communication module 820 is equipped to communicate with thediscovered network or network device. If so, then communicationcapabilities detector 812 can determine the hardware, software,firmware, protocol(s), or combinations thereof, which can be used tocommunicate with a discovered network and/or network device.

Access determiner 814 may determine whether computing device 800 hasaccess to a network (e.g., a wireless network), which includes a networkdevice. Access to a network may correspond to an ability of computingdevice 800 to communicate with the network. Communication with thenetwork may be based on whether computing device 800 is registered andauthorized to access the network. In some embodiments, computing device800 may have access to a network, but may not have access to networkdevices in the network. Access to the network devices may be based onwhether computing device 800 has registered and obtained authorizationto communicate with the network devices. As such, access to a networkmay be based on whether computing device 800 has access to communicatewith the network devices on the network. Access may exist when thenetwork devices are accessible to computing device 800.

An ability to communicate with the network may be based on whethercomputing device 800 and the network support communication using acommunication protocol. An ability to communicate with the network maybe based on computing device's 800 location with respect to acommunication distance from the network. A communication distance may beone which permits a computing device to communicate with the network, ora combination thereof. Access determiner 814 may discover acommunication protocol supported by the network.

Access to a network may be determined based on whether computing device800 has established a communication connection to the network. Anestablished communication connection may indicate that computing device800 has accessed the network and therefore, can communicate with thenetwork. In some embodiments, access to the network may be based onwhether computing device 800 detects a network. In some embodiments, anexistence of the network may enable access determiner 814 to determinethat computing device 800 has access to the network. In someembodiments, access to a network may be facilitated through a remotenetwork (e.g., cloud network 114). Access determiner 814 may determinethat access to the network exists based on computing device 800 havingan ability to communicate with the remote network.

In some embodiments, access determiner 814 can determine whethercomputing device 800 has access to one or more networks. Networks mayinclude local networks (e.g., network 300) and/or remote networks (e.g.,cloud network 114). For example, if a local network exists, accessdeterminer 814 may determine an identifier (e.g., a network identifieror SSID) of the local network. Assuming that computing device 800 cancommunicate with the local network using a communication protocolsupported by computing device 800, computing device 800 may search itsstorage to determine the identifier(s) associated with the networks ithas knowledge of. In some instances where computing device 800 isregistered and authorized to access a network with network devices,computing device 800 may store a network identifier in association witha security key. Using the identified stored by computing device 800,access determiner 814 may compare its stored identifiers with theidentifier of the local network for which access is being evaluated.Access determiner 814 may determine that computing device 800 has accessto the network based on determining that a stored identifier matches anidentifier of the network being evaluated. In some embodiments, accessdeterminer 814 may search its storage for a security key that is storedin association with an identifier of a network for which connectivity isbeing evaluated. The existence of a security key in association with anidentifier of a network may indicate that the computing device 800 ispermitted to access the network.

In some embodiments, computing device 800 can implement an enhancednetwork fingerprinting mechanism that relies on the normal transientresonance of connected devices within a network to uniquely identify anetwork. A network fingerprint or signature is generated that enablesidentification of a unique network from any other network. A network canhave multiple network devices that are connected to the network at anygiven time. Some of these network devices are ‘persistent’ devices thatare connected to the network almost all of the time (e.g., Set TopBoxes/STBs, Media Servers, network-attached storage (NAS) devices,connected light bulbs, etc.). Some other network devices are typicallyconnected most of the time (e.g., desktop computers, connected/smartTVs, etc.). Yet other network devices some are connected to the networksome of the time (e.g., Smart Phones used by or belonging to residentsof a site associated with the network, tablet devices, laptops, etc.),and some other network devices are seldom connected (e.g., guestdevices). A network device can be an internet of things (IoT) device.Based on learning and recording these ‘transient resonances’ of thesespecific network devices with specific media access control (MAC)addresses, techniques described herein can fingerprint a specificnetwork with high accuracy. A local area network may be assigned aunique network identifier based on devices connected to it. A networkprofile can be associated with a unique network identifier. Accordingly,multiple, different network identifiers may be associated with a networkdue to new devices being connected to the network.

In one example, computing device 800 can be an access device, which canaccess the network devices after a current network identifier has beencompared to a previously created network identifier in order toassociate the access device with the same local area network that thenetwork devices are connected to. Thus, computing device 800 candetermine whether it is connected to a network (e.g., a local areanetwork) that includes network devices connected to the network.

The access device can access a cache 860, which can include a networkidentifier table with records including fingerprints reflecting knownaccess devices network devices at different points in time. Each ofrecords can include a fingerprint, a timestamp indicating when thefingerprint was taken, and other information such as the number ofdevices in the network at the time. The network identifier table caninclude a record for each fingerprint stored by the access device, wherefingerprints reflect devices known to exist on the local area network.In an embodiment, the fingerprints stored in cache can be hash valuesgenerated by executing a cryptographic hash function. Within the contextof network fingerprinting, embodiments can compare network fingerprintscreated at different points in time with fingerprint snapshots todetermine that network devices and access devices should be associatedwith the same network. These comparisons of fingerprints can beperformed by computing device 800 or a remote server, such as a serverassociated with the cloud network 114, in order to associate a newlydiscovered network device and/or a newly discovered access device withan existing network. Fingerprint comparisons can also be done locally onan access device or a gateway in cases where a connection to theInternet or the cloud network 114 is unavailable or unreliable, andimmediate use of a newly discovered network device is desired. Anapplication on computing device 800 or a relatively stationary devicesuch as gateway 110 could, based on fingerprint snapshots received fromthe network device and computing device 800, determine that the networkdevice and the computing device 800 are connected to the same network.Records stored in cache 860 store network fingerprints and timestampsthat reflect known network devices. The computing device 800 uses therecords in cache 860 to determine that it is associated with the samenetwork as a given network device. For example, the cache 860 caninclude a fingerprint reflecting the network device, computing device800, and other network devices in the local area network.

Techniques are described for network fingerprinting using media accesscontrol (MAC) behaviors. The techniques create network identifiersreflecting network devices connected to wireless and wired networks. Thenetwork identifier can be a network fingerprint reflecting properties ofa gateway. The gateway properties may include a service setidentification (SSID) of the home local area network, a media accesscontrol (MAC) address of the gateway, and/or the like. The networkdevice may transmit its unique identifier to a server, such as a cloudnetwork server. In some embodiments, the unique identifier sent by thenetwork device may be used to determine information relating to thenetwork device (e.g., MAC address, serial number, or the like), and anaccess device may send its own unique identifier that can be used todetermine information relating to the access device (e.g., MAC address,serial number, application unique identifier, or the like).

The network identifier can reflect network devices that have notpreviously been seen by an application on the access device. In someexamples, a server (e.g., a server of cloud network 114) may determineproperties for a plurality of network devices connected to a home localarea network. The plurality of network devices may include devices thathave previously been seen by the application on the access device, aswell as network devices that have not previously been seen. In oneexample, a network identifier (e.g., a network fingerprint) is createdthat reflects properties of each of the connected network devices thatare accessible using application executing on an access device. In otherexamples, the network identifier is defined based on all networkdevices, access devices, gateways, range extenders, and other devicesconnected to the network. Such connected devices can include wearabledevices, embedded devices, ambient sensors, and other devices havingcommunications capabilities usable to communicate via the network. Anetwork device whose properties are reflected in a network fingerprintmay be a newly discovered network device. The network device can be arelatively stationary device such as, for example, a network gateway, apersonal computer, a connected television (i.e., a smart TV), or atouchscreen device mounted on a wall or other surface (i.e., atouchscreen integrated into the door of a refrigerator or anotherappliance). For example, a home local area network may include a gatewayconnected to a discovered network device. The server may determine thata network device is associated with a known network, and thus that thedevice key for the network device needs to be provided to the gatewayand/or an access device that is also associated with the network. Forexample, the server may determine the existence of multiple device keyscorresponding to respective network devices based on communications fromthe network devices and/or communication from a mobile device that isassociated with the network. Upon discovering a network device that isconnected to a home local area network, the server may receive a uniqueID for the network device, use the unique ID to determine properties forthe network device, and generate a network identifier that reflects thenetwork device's properties as well as respective properties of themobile device and the gateway.

In certain embodiments, a network device may have a unique identifierassigned to it. For example, hardware address for the network device maybe uploaded to the server, added to a device registry associated with anetwork, and evaluated to determine device properties. According tothese embodiments, a network identifier is generated that includesindications of the time the identifier was created, an indication of thenetwork device, and indications of access devices and other networkdevices associated with the network. For example, the network identifiermay be embodied as a network fingerprint that reflects a timestamp whenthe fingerprint was created, the network device, its properties, andidentities and properties of other network devices that were previouslydiscovered, registered, and uploaded to a device registration anddiscovery service hosted on the server. The server may then transmit thenetwork fingerprint to computing device 800 (e.g., an access device)associated with the home local area network. Once received by thecomputing device 800, the network fingerprint is usable to determinethat network devices are associated with the same network. For example,the network fingerprint may also be usable to determine that differentusers are associated with the same network. Accordingly, a networkidentifier can include an indication of a newly discovered networkdevice and can be transmitted to a server so that the network identifiercan be used to authenticate the network device to the network andassociate the network device with the network, regardless of whether thenetwork device has previously been connected to or associated with thenetwork or another network device connected to the network.

In some examples, network devices may send respective communications toa server indicating that they are connected to a local area network. Forexample, a first network device may send a first unique identifier and asecond network device may send a second unique identifier to the server.The server can use the unique identifiers to determine respectiveproperties of each of the network devices and use the properties togenerate a snapshot of a fingerprint for the network that indicates thetime at which the snapshot was taken. A mobile device may subsequentlydiscover the first and second network devices, and compare one or moreprevious snapshots of the network fingerprint with a current networkfingerprint snapshot to determine that the network devices areassociated with the same network, and then authenticate the networkdevices to the network based on the snapshot comparison. By determiningthat the network devices are associated with the same network, computingdevice 800 can determine that it is connected to a local network thathas the network devices.

In an example, the first and second unique identifiers are therespective hardware addresses of the first and second network device.The hardware addresses can be used to determine or infer respectiveproperties of first and second network devices. For example, inembodiments where the hardware addresses are MAC addresses, portions orsubstrings of the MAC addresses can be used to determine a manufacturer,device type, a transience level, and logical name for each networkdevice connected to a network. These and other properties can then beused to create a network identifier (e.g., a network fingerprint) forthe network. In one embodiment, the network identifier can include ahash value that is generated by executing a cryptographic hash function.

In some embodiments, transient devices, such as, for example, certainmobile network devices and access devices, are assigned lower weightsthan more permanent devices, such as, for example, gateways, routers,televisions, appliances (e.g., refrigerators, washing machines, dryers,dishwashers, air conditioners and other large appliances), embeddeddevices, and game consoles. By assigning such lower weights to moretransient devices, discovery and rediscovery of such transient deviceswill have less impact on the overall network fingerprint than discoveryand rediscovery of more permanent devices. For instance, periodic ortemporary disconnections and reconnections of transient devices such assmartphones, tablets, laptops, and portable gaming devices may bereflected in a network fingerprint, but due to the relatively low weightassigned to these devices, the fingerprint will not be impacted asgreatly as when a more permanent device such as a smart television isconnected to or disconnected from the network. For example, a tabletdevice may exhibit usage patterns of being disconnected from a localarea network for several hours each weekday (e.g., while being used onanother, remote network such as a work or school network). Similarly, anaccess device may exhibit patterns of being disconnected from a localarea network each weekday morning and being re-connected to the localarea network each evening. Patterns over time can be identified andfactored into weights for such transient devices. In this way, networkfingerprints for a given network may be considered to be substantiallyidentical when their only differences are the connectivity status oftransient devices. That is, fingerprints over time can be compared andevaluated as having only negligible differences or insignificant changeswhen transient devices are disconnected from and re-connected to anetwork. The network fingerprints can be compared over time to determinewhether changes in a network are significant or not. If enough,significant differences in fingerprints are identified, such as, forexample, the presence of different permanent devices and differentgateways and routers, the comparisons can determine that the networksbeing compared are different networks. As such, computing device 800 candetermine that it does not have access to a network because the networkis different based on the differences in the fingerprints of the networkdevices.

In some examples, respective properties of network devices connected toa local area network are reflected in a network identifier for thatnetwork. For example, a unique identifier of a network device connectedto a local area network can be analyzed to determine the device'smanufacturer, logical name, transience level, and other properties. Thenetwork identifier can be compared to other network identifiers createdover time to associate a user and/or a network device with a local areanetwork. By using such network identifiers (e.g., network fingerprints),a user that has not previously been associated with a network, but whois using computing device 800 (e.g., an access device) previouslyconnected to the network, can be authenticated to the network.Similarly, network fingerprints created at different points in time canbe compared to associate devices with a local area network. For example,when an access device that is being used by a user who has beenpreviously authenticated to the network is connected to a network forthe first time, that device can be associated with the network based onthe user's other devices being reflected in prior fingerprints of thenetwork.

In some embodiments, a process can be implemented by computing device800. Computing device 800 can receive a communication including a uniqueidentifier of a network device connected to a network. This step can beperformed as part of discovery of a network device. In an embodiment,the communication received can include a unique hardware address suchas, for example, a MAC address, of a network device connected to anetwork. Computing device 800 can also receive a snapshot of a networkfingerprint. Next, computing device 800 can use the unique deviceidentifier to determine information about the network device (e.g.,device type, manufacturer, logical name, transience level/weightingfactor). In embodiments, the determination performed in can be performedon a server of cloud network 114. Next, computing device 800 can receivea network identifier of the network (e.g., a network fingerprint) isreceived. The network identifier received can reflect the discovereddevice and other devices connected to the network. Next, computingdevice 800 can compare the network identifier to a previously generatednetwork identifier(s) to confirm network identity, to determinesignificance of any network change(s), and/or to identify relativetransiency of devices. The computing device 800 can identify persistentdevices, transient devices, and/or guest devices based on comparing areceived network identifier with previously generated networkidentifiers generated at different points in time in the past. Thecomputing device 800 can register and authenticate a device based on thecomparison of the network identifiers. Next, the computing device 800can store the received network identifier as the current version ofnetwork identifier (e.g., the current fingerprint). The networkidentifier can be stored with a timestamp as a record in the cache 860.By identifying matching network identifiers, computing device 800 canfurther determine that is connected to the network based on identifyinga matching network identifier.

Techniques are described for creating network identifiers such asnetwork signatures or fingerprints. The techniques can employ active orpassive collection of configuration attributes and properties fromconnected network devices, gateways, and access devices. The attributescan be actively reported by the connected devices and gateways duringnetwork communications. For example, a server can poll the network forthe attributes and properties. The attributes and properties can also bepassively collected as part of a discovery process for the networkdevices and the access devices. The discovery process can include usinga unique identifier provided or communicated by connected devices todetermine attributes of the devices. The attributes may then beincorporated into a network fingerprint. The attribute values may becombined with a timestamp to form a network signature, or fingerprint,for the network.

Upon determining that computing device 800 has access to the network,access determiner 814 may proceed to determine whether it can connect tothe network if it has not already connected to the network. Theconnectivity to the network may be used by computing device 800 todetermine the connection for sending a request to control operation of anetwork device. Access determiner 814 may further determine the networkdevices for which access is permitted via the network.

Upon determining that computing device 800 is not connected to a localnetwork, access determiner 814 may determine whether it has access to aremote network (e.g., network 114) by which access is permitted tonetwork devices on a local network. Access determiner 814 may determinethat it has access to a remote network based on determining that it doesnot store an identifier of a local network. In some embodiments, theexistence of a security key may indicate access to a local network via aremote network. The security key may be used to access a remote network,which is identified based on information in storage associated with thesecurity key. The security key may be generated as part of aregistration process between computing device 800 and one or morenetwork devices on a local network accessible via the remote network.The security key may be used to communicate with the remote network. Forexample, communications sent to a network device via the remote networkmay be encrypted using the security since the communications are not ona trusted network, being facilitated through the remote network.Communications sent by the network devices to computing device 800 viathe remote network may be encrypted using the same security key.Computing device 800 may use the security key to decrypt communications.

Detector 812 may enable computing device 800 to communicate with networkdevices selectively via networks that are accessible to computing device800. By determining whether a local network is accessible to computingdevice 800, computing device 800 may intelligently choose the localnetwork, whereby communication is trusted rather than communication viaa remote network that involves the use of additional securitymechanisms.

Interface manager 870 may manage one or more interfaces, e.g., interface880. Interface manager 870 may be implemented as one or more functionalblocks or modules configured to perform various operations for managinginterface 880. The functional blocks and modules may be implemented inhardware, firmware, software, or combinations thereof. Interface manager870 may include an interface generator 872 and an input handler 874.

Interface generator 872 may generate an interface, e.g., interface 880.Interface 880 may be generated or adjusted in response to input receivedusing interface 880. Interface generator 872 may generate or updateinterface 880 based on a received input or a request for moreinformation, e.g., device information or rule information.

Input handler 874 may manage processing input received from interface880. Input handler 872 may process input received from interaction withone or more interactive elements in interface 880. Interaction mayinclude one or more actions including touching, tapping, swiping,sliding, waving, pressing, dragging, shaking, selecting, an action basedon interaction with an interface, or combinations thereof. Input handler874 may process input received from interface 880. The input maycorrespond to a request for information. The information may include anyof information 860 stored locally on computing device 800. For example,input handler 874 may process input corresponding to interaction withrules icon 620 such that input handler 874 may request for rules (e.g.,criteria 862) associated with one or more network devices on a networkaccessible to computing device 800. In some embodiments, input handler874 may cause request manager 830 to request information based on theinput.

Request manager 830 may handle requests received by computing device800. A request may be based on input received via interface 880. Forexample, a request may correspond to interaction with devices icon 618.In this example, based on the input, request manager 830 may obtaindevice information to present via interface 880. Request manager 830 maybe implemented as one or more functional blocks or modules configured toperform various operations for managing interface 880. The functionalblocks and modules may be implemented in hardware, firmware, software,or combinations thereof. Request manager 870 may include a requestidentifier 832 and a requestor 834.

Request identifier 832 may identify a type of a request. A request maybe received from another element in computing device 800 or may begenerated based on input via interface 880. Request identifier 832 maydetermine a type of a request based on input received via interface 880.The input may correspond to interaction with an icon (e.g., device icon618 or rules icon 620) displayed in interface 880. A type of request maycorrespond to a type of information requested using interface 880. Insome embodiments, a request may be received for information such as acriterion related to operation of a device, device information, statusinformation, other information related to operation of device, orcombinations thereof. In some embodiments, information 860 may not existor may not be current. As such, request identifier 832 may determine atype of request to send to a network and/or to a network device toobtain current information related to operation of devices on thenetwork. The current information may requested based on a type ofrequest. In some embodiments, a request for current information may bebased on a criterion related to operation of a device, deviceinformation, status information, other information related to operationof device, or combinations thereof.

In some embodiments, a type of request may correspond to operation of anetwork device on the network. A type of request may correspond to inputreceived via interface 880. The input may be used to determine a type ofaction for controlling operation of a network device. For example, atype of action may include turning a network device on/off or adjustinga setting or an attribute related to operation of a network device. Inthis example, a type of request may be a request to control operation ofa network device based on the type of action indicated by the input.

In some embodiments, a type of request may be identified based on thetype of action indicated by the input. For example, a type of action maycorrespond to displaying information about network devices on a network.In this example, a type of request may be for device information aboutnetwork devices on the network. The device information may provideinformation to display about network devices on the network. In yetanother example, the received input may indicate a request to displaycurrent criteria related to controlling operation of network devices onthe network. In this example, a type of request may be for a currentcriterion related to controlling operation of network devices on thenetwork. In yet another example, the received input may indicate arequest for current status information related to operation of networkdevices on the network. In this example, a type of request may be forcurrent status information related to operation of network devices onthe network.

Requestor 834 may send a request to a network and/or a network device.The request may be sent based on the identified type of request. In someembodiments, the request may include information indicating a type ofinformation sought for the identified type of request. For example, arequest may include information indicating a request for deviceinformation, a request for status information, other informationrelation to operation of a network device, or combinations thereof. Forexample, a request may include a discovery request for current deviceinformation identifying devices connected to the network.

In some embodiments, requestor 834 may implement techniques for sendinga request to a network device. A request may be sent based on whethercomputing device 800 has access to a network including the networkdevice. A request may be sent based on whether computing device 800 isauthorized to communicate with the network device.

Authorization manager 840 may determine whether computing device 800 isauthorized to communicate with a network device. By having authorizationto communicate with a network device, computing device 800 maycommunicate with the network device directly. However, suchcommunication may be dependent on whether both the network device andcomputing device 800 support a communication protocol to facilitatetheir communication. Direct communication between the network device andcomputing device 800 may depend on whether computing device 800 islocated within proximity to support use of the communication protocol.

In some embodiments, authorization manager 840 can determine whethercomputing device 800 is authorized to communicate with a network deviceby determining whether computing device 800 has registered with a remotenetwork, e.g., cloud network 114. By being registered with a remotenetwork, remote network can establish a security key for computingdevice 800. The security key may be associated with a security keyestablished for a network device. Computing device 800 may store thesecurity key locally. The existence of the security key on computingdevice 800 may provide an indication that computing device 800 hasauthorization to communicate with network device. A network device candetermine whether it is registered with the remote network such that itcan communicate with computing device 800. When a network devicereceives a communication from computing device 800, the network devicemay determine whether it is registered to communicate with computingdevice 800. In some embodiments, a network device may be registered tocommunicate with computing device 800 if it stores a security key foritself and computing device 800, and both security keys are associatedwith each other. A network device may process the communication receivedfrom computing device 800 if the network device is registered tocommunicate with computing device 800.

Requestor 840 can determine a manner by which to communicate with anetwork device based in part on authorization of computing device 800 tocommunicate with the network device. In some embodiments, when computingdevice 880 does not have access to the network (which includes thenetwork device), e.g., network 300, and computing device 800 isauthorized to communicate with the network device on the network,requestor 834 may send a request to a network device by using a remotenetwork (e.g., cloud network 114). To illustrate further, a request maybe sent using a remote network when computing device 800 does not haveaccess to the network because computing device 800 is not located withina distance that enables computing device 800 to communicate with thewireless network. In such an embodiment, computing device 800 maycommunicate with the network via a remote network. A remote network mayperform one or more operations to process a request from computingdevice 800 and may send the request to the wireless network. The requestmay be sent via a gateway, e.g., gateway 110. In another example, arequest may be sent using a remote network when computing device 800does not have a security key enabling it access to communicate with thenetwork device. In such an embodiment, even when the computing devicecan communicate with the network, the request may be directed to aremote network.

When computing device 800 has access to a network (including a networkdevice) and is authorized to communicate with the network device on thewireless network, requestor 834 may send a request using the network.For example, a request may be sent to the network to which computingdevice 800 has registered with. The network device may receive therequest via the network. In some embodiments, using the network to sendthe request may include sending a direct transmission. In someembodiments, the request may be sent via a direct transmission ratherthan sending the request using the network.

Some embodiments, such as those described with reference to FIGS. 9 and10, may be described as a process which is depicted as a flowchart, aflow diagram, a data flow diagram, a structure diagram, a sequencediagram, or a block diagram. Although a sequence diagram or a flowchartmay describe the operations as a sequential process, many of theoperations may be performed in parallel or concurrently. In addition,the order of the operations may be re-arranged. A process is terminatedwhen its operations are completed, but could have additional steps notincluded in a figure. A process may correspond to a method, a function,a procedure, a subroutine, a subprogram, etc. When a process correspondsto a function, its termination may correspond to a return of thefunction to the calling function or the main function.

The processes depicted herein, such as those described with reference toFIGS. 9 and 10, may be implemented in software (e.g., code,instructions, computer instructions, program) executed by one or moreprocessing units (e.g., processors cores), hardware, or combinationsthereof. The software may be stored in a memory (e.g., on a memorydevice, on a non-transitory computer-readable storage medium). In thecontext of computer instructions, the operations representcomputer-executable instructions stored on one or more computer-readablestorage media that, when executed by one or more processors, perform therecited operations. Generally, computer-executable instructions includeroutines, programs, applications, objects, components, data structures,and the like that perform particular functions or implement particulardata types. In some embodiments, the processes depicted in flowchartsherein can be implemented in the system described with respect to FIGS.1-5. The particular series of processing steps in this disclosure arenot intended to be limiting. Other sequences of steps may also beperformed according to alternative embodiments. For example, alternativeembodiments of the present invention may perform the steps outlinedabove in a different order. Moreover, the individual steps illustratedin the figures may include multiple sub-steps that may be performed invarious sequences as appropriate to the individual step. Whileprocessing depicted in FIGS. 9 and 10 may be described with respect toaccessing a single request or a single response, such processing may beperformed for multiple requests and responses, in any number ofcombinations. Furthermore, additional steps may be added or removed. Oneof ordinary skill in the art would recognize many variations,modifications, and alternatives.

In an aspect of some embodiments, each process in FIGS. 9 and 10 can beperformed by one or more processing units. A processing unit may includeone or more processors, including single core or multicore processors,one or more cores of processors, or combinations thereof. In someembodiments, a processing unit can include one or more special purposeco-processors such as graphics processors, digital signal processors(DSPs), or the like. In some embodiments, some or all of processingunits can be implemented using customized circuits, such as applicationspecific integrated circuits (ASICs), or field programmable gate arrays(FPGAs).

Now turning to FIGS. 9 and 10 are examples of techniques that acomputing device, e.g., computing device 800 may perform to determiningconnectivity to a network device for communication with the networkdevice. Such techniques may reduce time for communicating with a networkdevice, such that information may be communicated faster to/from networkdevices. Determining the connectivity to a network device may enable thecomputing device to selectively determine information (e.g., statusinformation) to display to a user based on the connectivity. Suchtechniques may reduce the time for presenting status information to auser, thereby improving user experience and reduce time during startupof an application that presents the information. The processes describedwith reference to FIGS. 9 and 10 may be implemented by an access device(e.g., access device 108), or a network device (e.g., network device302, network device 304, or network device 306).

FIGS. 9 and 10 show flowcharts illustrating processes 900, 1000 fordetermining connectivity to network devices in accordance with someembodiments. Specifically, the processes 900, 1000 depicted with respectto FIGS. 9 and 10 may be implemented to determine connectivity to anetwork device to improve performance for controlling operation of thenetwork device. For example, an access device (e.g., access device 108)may determine connectivity using a network, if available, to a networkdevice. The processes 900, 1000 may determine whether the access devicehas access to a network including the network device. If such a networkis accessible, one or more communication paths may be chosen tocommunicate with the network device.

In some embodiments, processes 900, 1000 may choose a communicate pathwhich may improve communication with the network device. A faster ormore efficient path may enable information to be exchanged fasterbetween an access device and a network device. An improvement incommunication for exchanging information may provide many technicaladvantages. A faster communication path may improve performance forcontrolling operation of a network device because a setting or anattribute for controlling operation of a network device may becommunicated to and from a network device faster. Information about anetwork device or other information (e.g., a rule or device information)may be received faster by the access device. Such an improvement mayenable the access device to present information about a network device(e.g., a status of operation or a rule for controlling the networkdevice) sooner, thereby improving an overall user experience forcontrolling the network device.

In FIG. 9, process 900 may begin at step 902 by detecting inputcorresponding to interaction with an interface of a computing device(e.g., an access device). For example, computing device 800 may detectinput corresponding to interaction with an interface, such as interface605 of FIG. 6, to control operation of a network device. The input maycorrespond to a request via the interface to control power on thenetwork device.

At step 904, a determination is made whether the computing device isconnected to a network. The network may include or have access to one ormore local networks and/or one or more remote networks (e.g., a cloudnetwork). The local network(s) may include one or more network devices,one of which may be the network device for which input was detected atstep 902. The determination as to whether a computing device isconnected to a network may be based on whether the computing device hasaccess to a network that may enable communication with the networkdevice for which input was detected at step 902. Step 906 and/or step910 may be performed to determine whether the computing device isconnected to a network, such that the network includes either or both ofa local network including a network device or a remote network thatprovides access to the local network. Regardless of the networks towhich connections are available, a computing device can selectivelydetermine whether it has connections to multiple different networks. Thecomputing device may determine whether it has a connection to localand/or remote networks, which it can use to determine the betterconnection for communication with a network device.

At step 906, a determination is made whether the computing device isconnected to a local network (e.g., a wireless network) including thenetwork device for which input was detected at step 902. In at least oneembodiment, determining that the computing device is connected to alocal network includes detecting a local network and determining anidentifier associated with the local network. The identifier associatedwith the local network may be compared to a stored identifier, stored onthe computing device, associated with the local network. A determinationcan be made that the computing device is connected to the local networkupon determining that the identifier associated with the local networkmatches the stored identifier associated with the local network. In someembodiments, the identifier may be stored in association with a securitykey that provides access to the local network. Therefore, the existenceof the identifier stored on the computing device may be indicative thatthe computing device is connected to the local network because thecomputing device has the security key to access the local network.

In some embodiments, determining that the computing device is connectedto the local network may include determining that the computing devicehas authorization to communicate with the network device on the localnetwork. The computing device may have authorization to communicate withthe network device on the local network when a security key stored isstored on the computing device and the security key is associated withan identifier (e.g., a network identifier) of the local network.Determining that the computing device is connected to the local networkincludes determining that the computing device has access to the localnetwork. The computing device may have access to the local network upondetermining that the computing device has established a communicationconnection to the local network. Determining that the computing devicehas access to the local network may include determining whether acommunication protocol of the computing device supports communicationwith the network device using the local network. When the computingdevice supports communication with the network device using the localnetwork, it can be determined that the computing device has access tothe local network.

At step 908, based on determining that the computing device is connectedto the local network, a message can be sent to the network device usingthe local network. The message may correspond to an operation of thenetwork device. The message may be sent based on the input detected atstep 902. For example, the message may be a request to control operationof the network device based on the input detected at step 902. Process900 may end at step 914 after sending the message.

Continuing process 900, at step 910, a determination may be made as towhether the computing device is connected to a remote network. Such adetermination may be made to access a network device on a local networkvia the remote network. Therefore, connectivity to the remote networkmay be analyzed as to whether a network device can be accessed using theremote network. Step 910 may be performed based on determining that thecomputing device is not connected to a local network including a networkdevice. In some embodiments, step 910 may be performed regardless as towhether a computing device is connected to a local network. A computingdevice may assess all possible connections to networks, which are usedto determine the better connection to utilize for communicating with anetwork device on a local network. Therefore, step 910 may be performedto determine whether the computing device is connected to a network.

To determine whether the computing device is connected to a remotenetwork, process 900 may include determining that the computing deviceis not connected to a local network. In at least one embodiments, anidentifier associated with the local network is determined. Theidentifier associated with the local network may be compared to a storedidentifier, stored on the computing device, associated with the localnetwork. A determination can be made that the computing device is notconnected to the local network upon determining that the identifierassociated with the local network does not match the stored identifierassociated with the local network. Therefore, the non-existence of theidentifier stored on the computing device may be indicative that thecomputing device is not connected to the local network because thecomputing device has the security key to access the local network.

In some embodiments, different techniques may be applied to identify theexistence of a remote network, and to determine whether a computingdevice is connected to the remote network. For example, a computingdevice may determine whether it has a security key that provides accessto a network device on a local network, to which the computing device isnot connected. The existence of a security key may provide an indicationof access to a local network identified by an identifier stored inassociation with the security key. A computing device may useinformation about remote networks to determine whether any of thoseremote networks providing access to the local network including anetwork device. The computing device may have access to the remotenetwork provided that a security key exists for the network identifiedby the identifier stored with the security key. Based on detecting anexisting remote network identified by the determined information, thecomputing device can determine that it has access to the remote network.The information may indicate remote networks that can be used tocommunicate with a local network. The computing device may establish aconnection with the remote network by opening a communication channelfor communication with a network device on the local network. Thecomputing device may establish a connection with the network deviceusing the security key. By establishing a connection, the computingdevice can determine that is has a connection to the remote network. Aconnection to the remote network may be determined using techniquesdisclosed herein such as those described with reference to FIGS. 1-5.

Based on determining that a computing device is connected to a remotenetwork that provides access to a local network including a networkdevice, at step 912, a message can be sent to the network device usingthe remote network. The message may correspond to an operation of thenetwork device. The message may be sent based on the input detected atstep 902. For example, the message may be a request to control operationof the network device based on the input detected at step 902. Sendingthe message to the network device using the remote network may includesending the message to the remote network, and where the remote networksends the message received from the computing device to the networkdevice on the local network. A message that is sent to the networkdevice using the remote network may be generated using a security key,such as the security stored on the computing device. The network devicemay store the same security key such that it can decrypt the message(received from the remote network) using the security key.

Based on determining that a computing device is not connected to aremote network that provides access to a local network including anetwork device, process 900 may proceed to end at 914.

Now turning to FIG. 10, process 1000 may begin at step 1002 by receivinginput corresponding to interaction with an interface of the computingdevice. For example, input may be received for interaction with aphysical interface of a computing device (e.g., an access device). Theinput may correspond to interaction with an interactive element (e.g., apower button) on the physical interface. In another example, input maybe received for interaction with a graphical interface of a computingdevice. The input may interaction with an interactive element (e.g., apower button) on the graphical interface. For example, the input maycorrespond to tapping an image of an application, which causes theapplication to be launched.

At step 1004, a determination is made whether the computing device hasaccess to a local network (e.g., a wireless network) including a networkdevice. In some embodiments, access to the local network may bedetermined based on whether the computing device has established acommunication connection to the local network. The computing device mayestablish a communication connection by registering with the localnetwork. Thus, the computing device may have established a communicationconnection with the local network by successfully registering with thelocal network.

In some embodiments, access to the local network may be determined bydiscovering a communication protocol of the computing device (e.g., awireless communication protocol) and determining whether thecommunication protocol is supported for communication with the localnetwork. The computing device may not be able to establish acommunication connection to the local network when it is unable tocommunicate with the local network using a communication protocolsupported by the local network. Therefore, in some embodiments, thecomputing device may have access to the local network when the computingdevice supports communication using a communication protocol supportedby the local network.

At step 1006, a type of request to send may be identified. The type ofrequest may correspond to operation of the network device on the localnetwork. A type of request may be identified based on received inputcorresponding to interaction with an interface of the computing device.The input may indicate a type of action for controlling operation of anetwork device. For example, a type of action may include turning anetwork device on/off or adjusting a setting or an attribute related tooperation of a network device. In this example, a type of request may bea request to control operation of a network device based on the type ofaction indicated by the input. In some embodiments, a type of requestmay be based on the type of action indicated by the input. In anotherexample, the type of action may include displaying information aboutnetwork devices on a network. In this example, the type of request maybe for device information about network devices on the network. Thedevice information may provide information to display about networkdevices on the network. In yet another example, the received input mayindicate a request to display current criteria related to controllingoperation of network devices on the network. In this example, the typeof request may be for current criterion related to controlling operationof network devices on the network. In yet another example, the receivedinput may indicate a request for current status information related tooperation of network devices on the network. In this example, the typeof request may be for current status information related to operation ofnetwork devices on the network.

At step 1008, a determination is made whether the computing device hasauthorization to communicate with the network device on the localnetwork. Authorization to communicate with the network device may bedetermined by discovering a security key, e.g., a security key includinga UUID or a GUID, stored on the computing device. The security key maybe associated a network identifier of the local network that includesthe network device. As explained above, a server of a cloud network(e.g., cloud network 114) may register a computing device (e.g., accessdevice 108) and a network device with a local network. Registration mayinclude generating a set of unique security keys for authenticating anetwork device and a computing device, such as an access device. Thesecurity key for a computing device may be stored in association with anetwork identifier of the local network. The existence of the key mayindicate that the computing device has been authenticated. Thus,discovery of such a key may be indicative of a computing device'sauthorization to communicate with a network device on the local network.

At step 1010, a request may be sent to the network device on the localnetwork upon determining that the computing device has authorization tocommunicate with the network device on the local network. The requestmay be sent based on the identified type of request. A request may besent to the network device included on the local network. A manner bywhich the request is sent may be based on whether a computing device hasaccess to a local network and whether the computing device hasauthorization to communicate with the network device on the localnetwork.

Upon determining that the computing device does not have access to thelocal network and upon determining that the computing device hasauthorization to communicate with the network device on the localnetwork, the request may be sent using a remote network (e.g., cloudnetwork 114). To illustrate further, a request may be sent using aremote network when the computing device does not have access to thelocal network, such that the computing device is not located with adistance that enables the computing device to communicate with the localnetwork. In such an embodiment, the computing device may reach the localnetwork via the remote network. The remote network may perform one ormore operations to process the request and may send the request to thelocal network. The request may be sent via a gateway. In anotherexample, a request may be sent using a remote network when the computingdevice does not have a security key enabling it access to communicatewith network device. In such an embodiment, event when the computingdevice can communicate with the local network, such a request may bedirected to a remote network.

Upon determining that the computing device has access to the localnetwork and has authorization to communicate with the network device onthe local network, the request may be sent using the local network. Forexample, the request may be set to the local network to which thecomputing device is registered for access. The network device mayreceive the request via the local network. In some embodiments, usingthe local network to send the request may include sending a directtransmission. In some embodiments, the request may be sent via a directtransmission rather than sending the request using the local network.

At step 1012, process 1000 ends.

FIG. 11 illustrates an example of a front view of a network device 1100.FIG. 12 illustrates an example of a side view of the network device1100. The network device 1100 may include any of the network devices102, 104, or 106 described herein. In some embodiments, the networkdevice 1100 may be a home automation network device. For example, thenetwork device 1100 may include a home automation switch that may becoupled with a home appliance. A user may wirelessly access the networkdevice 1100 in order to access, control, and/or configure various homeappliances located within the user's home. For instance, the user mayremotely control appliances such as a television, radio, light,microwave, iron, space heater, wall A/C unit, washer, dryer, fan, and/orthe like.

In some embodiments, the network device 1100 may include a WiFi enabledswitch that connects home appliances and other electronic devices to acompatible 802.11b/g/n/ac WiFi network. The network device 1100 may thusallow users to locally or remotely turn devices on or off from anywhere,program customized notifications, and/or change device status. Thenetwork device 1100 may further allow a user to create custom schedulesor have devices respond to sunrise or sunset.

The network device 1100 includes an power switch 1102 that may bedepressed in order to turn the network device 1100 on and off. In someembodiments, a light source may be integrated with or located behind thepower switch. For example, a light-emitting diode (LED) may be locatedon a circuit board under the power button 1102. The light source may beilluminated when the network device 1100 is powered on, and may not beilluminated when the network device 1100 is powered off.

The network device 1100 further includes a communications signalindicator 1104.

The signal indicator 1104 may indicate whether the network device 1100has access to a communications signal, such as a WiFi signal. Forexample, the signal indicator 1104 may include a light source (e.g., aLED) that illuminates when the network device 1100 is connected to acommunications signal. The light source may depict different colors orother characteristics (e.g., flashing, dimming, or the like) to indicatedifferent levels of signal strength or mode of operation.

The network device 1100 includes a restore button 1210. The restorebutton 1210 may allow a user to reset the network device 1100 to factorydefault settings. For example, upon being depressed, the restore button1210 may cause all software on the device to be reset to the settingsthat the network device 1100 included when purchased from themanufacturer.

The network device 1100 further includes a plug 1208 and an outlet 1106.The plug 1208 allows the network device 1100 to be plugged into a wallsocket, such as a socket providing 120V, 220V, or the like. In turn, anappliance may be plugged into the outlet 1106. Once the network device1100 is registered according to the techniques described above, anappliance plugged into the socket 1106 may be controlled by a user usingan access device (e.g., access device 108).

FIG. 13 is an example of a block diagram of the network device 1100depicting different hardware and/or software components of the networkdevice 1100. As described above with respect to FIGS. 11 and 12, thenetwork device 1100 includes the outlet 1106, the plug 1208, the powerbutton 1102, the restore button 1210, and the communications signalindicator 1104. The network device 1100 also includes light source 1328associated with the power button 1102. As previously described, thelight source 1328 may be illuminated when the network device 1100 ispowered on.

The network device 1100 further includes a relay 1310. The relay 1310 isa switch that controls whether power is relayed from the plug 1208 tothe outlet 1106. The relay 1310 may be controlled either manually usingthe power button 1102 or remotely using wireless communication signals.For example, when the power button 1102 is in an ON position, the relay1310 may be closed so that power is relayed from the plug 1208 to theoutlet 1106. When the power button 1102 is in an OFF position, the relay1310 may be opened so that current is unable to flow from the plug 1208to the outlet 1106. As another example, an application or programrunning on an access device may transmit a signal that causes the relay1310 to be opened or closed. For instance, an access application maydisplay a graphical interface on the access device that includes a powerbutton. The user may tap or otherwise select the power button, and theaccess application may send a communication signal (e.g., over a WiFinetwork) to the network device 1100 instructing the network device 1100to open or close the relay 1310.

The network device 1100 further includes flash memory 1320 and dynamicrandom access memory (DRAM) 1322. The flash memory 1320 may be used tostore instructions or code relating to an operating system, one or moreapplications, and any firmware. The flash memory 1320 may includenonvolatile memory so that any firmware or other program can be canupdated. In the event the network device 1100 loses power, informationstored in the flash memory 1320 may be retained. The DRAM 1322 may storevarious other types of information needed to run the network device1100, such as all runtime instructions or code.

The network device 1100 further includes a CPU/Radio 1318. The CPU/Radio1318 controls the operations of the network device 1100. For example,the CPU/Radio 1318 may execute various applications or programs storedin the flash memory 1320 and/or the dynamic random access memory (DRAM)1322. The CPU/Radio 1318 may also receive input from the varioushardware and software components, interpret the input, and perform oneor more functions in response to the input. As one example, theCPU/Radio 1318 may determine whether the power button 1102 has beenpressed, and determines whether the relay 1310 needs to be opened orclosed. The CPU/Radio 1318 may further perform all communicationsfunctions in order to allow the network device 1100 to communicate withother network devices, one or more gateways, a cloud network, and/or oneor more access devices. While the CPU and radio of the network device1100 are shown to be combined in the CPU/Radio 1318, one of ordinaryskill in the art will appreciate that, in some embodiments, the CPU andradio may be separately located within the network device 1100. Forexample, CPU circuitry may be situated at a separate location on acircuit board from the location of radio circuitry, the CPU circuitrymay be located on a different circuit board from the radio circuitry, orthe like. Further, the network device 1100 may include multiple radiosthat are configured to communicate using one or more communicationprotocols, such as any combination of a WiFi™ transceiver radio, aBluetooth™ transceiver radio, a Zigbee™ transceiver radio, a UWBtransceiver radio, a WiFi-Direct transceiver radio, a BLE transceiverradio, and/or any other wireless network transceiver radio or interface.In some embodiments, the network device 1100 does not include a cellularnetwork transceiver radio or interface, and thus may not be configuredto directly communicate with a cellular network. In some embodiments,the network device 1100 may include a cellular network transceiverradio, and may be configured to communicate with a cellular networkusing the cellular network transceiver radio.

The network device 1100 may communicate with other devices and/ornetworks via antenna 1324. For example, antenna 1324 may include a 2.4GHz antenna, a 5 GHz antenna, or the like, that can transmit and receiveWiFi communications signals. The network device 1100 may include othertypes of antennas that can communicate Bluetooth® signals, Zigbee®signals, Ultra-Wideband (UWB) signals, WiFi-Direct signals, BLE signals,and/or the like. In some embodiments, the antenna 1324 may be configuredto communicate different types of signals, such as the WiFi signals,Bluetooth® signals, Zigbee® signals, UWB signals, WiFi-Direct signals,BLE signals, and/or the like. In some embodiments, the network device1100 may include multiple antennas for communicating the different typesof communication signals. As one example, the network device 1100 mayinclude both a 2.4 GHz antenna and a 5 GHz antenna.

The network device 1100 further includes a driver 1316, a switchingpower supply 1312, and a voltage regulator 1314. The driver 1316 mayinclude instructions or code that can be used to translate controlsignals or commands received from applications running on the DRAM 1322to commands that the various hardware components in the network device1100 can understand. In some embodiments, the driver 1316 may include anambient application running on the DRAM 1322. The switching power supply1312 may be used to transfer power from the outlet in which the plug1208 is connected to the various loads of the network device 1100 (e.g.,CPU/Radio 1318). The switching power supply 1312 may efficiently convertthe voltage and current characteristics of the electrical power to alevel that is appropriate for the components of the network device 1100.For example, the switching power supply 1312 may perform AC-DCconversion. In some embodiments, the switching power supply 1312 may beused to control the power that is relayed from the plug 1208 to theoutlet 1106. The voltage regulator 1314 may be used to convert thevoltage output from the switching power supply 1312 to a lower voltageusable by the CPU/Radio 1318. For example, the voltage regulator 1314may regulate the DC voltage from 5V to 3.3V.

In various embodiments, functions may be stored as one or morecomputer-program products, such as instructions or code, in anon-transitory machine-readable storage medium, such as the flash memory1320 and/or the DRAM 1322. The network device 1100 can also comprisesoftware elements (e.g., located within the memory), including, forexample, an operating system, device drivers, executable libraries,and/or other code, such as one or more application programs, which maycomprise computer programs implementing the functions provided byvarious embodiments, and/or may be designed to implement methods and/orconfigure systems, as described herein. Merely by way of example, one ormore procedures described with respect to the processes discussed above,for example as described with respect to FIG. 2, may be implemented ascode and/or instructions executable by a computer (and/or a processorwithin a computer); in an aspect, then, such code and/or instructionscan be used to configure and/or adapt a computer (or other device) toperform one or more operations in accordance with the described methods.Such functions or code may include code to perform the steps describedabove with respect to FIG. 2. The memory, such as the flash memory 1320and/or the DRAM 1322, may be a processor-readable memory and/or acomputer-readable memory that stores software code (programming code,instructions, etc.) configured to cause a processor(s) within theCPU/Radio 1318 to perform the functions described. In other embodiments,one or more of the functions described may be performed in hardware.

A set of these instructions and/or code might be stored on anon-transitory machine-readable storage medium, such as the flash memory1320 and/or the DRAM 1322. In some cases, the storage medium might beincorporated within a computer system, such as the CPU/Radio 1318. Inother embodiments, the storage medium might be separate from a computersystem (e.g., a removable medium, such as a compact disc), and/orprovided in an installation package, such that the storage medium can beused to program, configure and/or adapt a computer with theinstructions/code stored thereon. These instructions might take the formof executable code, which is executable by the network device 1100and/or might take the form of source and/or installable code, which,upon compilation and/or installation on the network device 1100 (e.g.,using compilers, installation programs, compression/decompressionutilities, etc.) then takes the form of executable code.

It should be appreciated that the network device 1100 may have othercomponents than those depicted in FIGS. 11-13. Further, the embodimentshown in the figures are only one example of a network device that mayincorporate an embodiment of the invention. In some other embodiments,network device 1100 may have more or fewer components than shown in thefigure, may combine two or more components, or may have a differentconfiguration or arrangement of components.

FIG. 14 is a schematic illustration of a local area network 1400including a network device 1402 that includes an appliance 1450. Thenetwork device 1402 can comprise an interface device 1404 and theappliance 1450 connected by an appliance interface 1408. The applianceinterface 1408 can include a data connection 1418 and a power connection1416. The data connection 1418 can be a serial connection (e.g., RS-232,USB, or other), or any other suitable data connection. The interfacedevice 1404 can be fully powered by the appliance 1402 through the powerconnection 1416, or can have a separate source of power.

The appliance 1450 can be any suitable electric device, such as a crockpot, space heater, an iron, a washing machine, a dishwasher, a lamp, aradio, a computer, an amplifier, or another electrical device.Additional examples of suitable electrical devices include electricaldevices incorporated into or with non-electrical devices, such as anactuator system in an electrically-actuated deadbolt, a sensing systemin a seat cushion, or other suitable electrical device incorporated intoor with a non-electrical device. The appliance 1450 can be adapted tooperate with the interface device 1404. The appliance 1450 can be anyfinite state machine. The appliance 1450 can, but need not, know orstore one or more states related to the appliance. For example, theappliance 1450 may know or store data related to whether the appliance1450 is turned on, how long the appliance has been on (or off), amongother status data.

The interface device 1404 can be positioned within the housing of theappliance 1450, or can be attached externally to the appliance 1450. Theinterface device 1404 can be removable from the appliance 1450, or canbe permanently installed in or on the appliance 1450.

The interface device 1404 can be connected to the local area network1400 through a network interface. The interface device 1404 can beconnected by a wired or wireless connection (e.g., WiFi, Zigbee, orothers described herein or well known). In some embodiments, theinterface device 1404 can be connected directly to the cloud network 114through a cellular internet connection (e.g., EDGE, LTE, or others).

The interface device 1404 can communicate with another network device,an access device 108, or another client device through the networkinterface 1406. The interface device 1404 can transmit a statusinformation signal 1410 with status information to the access device108, and the access device 108 can transmit a network device controlsignal 1412 to the interface device 1404. The status information signal1410 and the network device control signal 1412 can be transmittedbetween the interface device 1404 and the access device 108 using atelecommunications network (e.g., a cellular network, or other suitablebroadband network), using a local area network 1400 (e.g., through agateway 110), or using the cloud network 114, although such a signal maypass through an intermediary device or network to do so.

The interface device 1404 can interpret the network device controlsignal 1412 and perform actions based on the contents of the networkdevice control signal 1412. The network device control signal 1412 caninclude commands that can be performed by the interface device 1404itself. The network device control signal 1412 can also include commandsthat are to be performed by the appliance 1450. Commands that are to beperformed by the appliance 1450 can include commands like turn on oroff, set a desired temperature (e.g., heat up or cool down to 215° F. orany other temperature), or other suitable commands depending on theparticular appliance. The interface device 1404 can interpret thenetwork device control signal 1412 and can send out a command 1422,through the data connection 1418 of the appliance interface 1408, basedon the network device control signal 1412. The appliance 1450 can thenperform the command indicated in the network device control signal 1412.

The interface device 1404 can also transmit commands to the appliance1450 that are not based on a network device control signal received fromthe access device 108, but are rather based on programming in theinterface device 1404. Examples of such commands can include commands toupdate a communication rate, commands to check a state of the appliance1450, commands to set or get a clock time of the appliance 1450, or anyother suitable commands.

The interface device 1404 can receive, through the data connection 1418of the appliance interface 1408, a response (e.g., response 1420) to anycommand from the appliance 1450. In some examples, the response 1420 caninclude an indication that the command 1422 was received. In someexamples, the response may include only an indication that a command isreceived (e.g., an ACK). In some examples, the response 1420 can includeinformation for some value on the appliance 1450, such as an “on/off”state, a serial number, a product identification, a manufactureridentification, a temperature, a time since live, a setting, or anyother value retrievable from the appliance 1450. The interface device1404 can interpret the value and can send information about the value(e.g., the state of the appliance is “on,” the temperature of theappliance, the time since the appliance first turned on, or otherinformation) as status information (e.g. using status information signal1410) to the access device 108. Additionally, the interface device 1404can send status information about itself (e.g., time since live,supplied power, signal strength, and others) as status information (e.g.using status information signal 1410) to the access device 108.

The interface device 1404 can also use responses (e.g., response 1420)from the appliance 1450 to perform additional functions at the interfacedevice 1404, such as error handling. In some cases, when performing theadditional functions, the interface device 1404 does not transmit anystatus information 1410 to the access device 108 based on thoseparticular responses.

The access device 108 can include one or more display tiles (e.g.,display tile 1414) for displaying information and controls correspondingto the network device 102.

In some embodiments, the interface device 1404 can transmit a heartbeatcommand (e.g., command 1422) over the data connection 1418 to theappliance 1402 to determine whether the appliance 1450 is workingproperly and/or in a state of readiness. If the interface device 1404determines that the appliance 1450 has had some sort of failure (e.g.,the appliance 1450 sends a response 1420 indicating a failure or theinterface device 1404 does not receive any response 1420), the interfacedevice 1404 can take corrective action (e.g., restarting the appliance1450 or an element of the appliance 1450), can log the event, or canalert the user).

FIG. 15 depicts a block diagram of a network device including aninterface device 1404 attached to an appliance 1450 according to oneembodiment. The interface device 1404 can include connector 1512 thatinteracts with connector 1532 of the appliance 1450.

The interface device 1404 can include flash memory 1504 and dynamicrandom access memory (DRAM) 1506. The flash memory 1504 may be used tostore instructions or code relating to an operating system, one or moreapplications, and any firmware. The flash memory 1504 can be used tostore a cache. The flash memory 1504 may include nonvolatile memory sothat any firmware or other program can be can updated. In the event theinterface device 1404 loses power, information stored in the flashmemory 1504 may be retained. The DRAM 1506 may store various other typesof information needed to run the interface device 1404, such as allruntime instructions or code. The flash memory 1504 or DRAM 1506 or acombination thereof may include all instructions necessary tocommunicate with an appliance 1450, including all instructions necessaryto communicate using the appliance serial protocol disclosed herein.

The interface device 1404 further includes a CPU/Radio 1502. TheCPU/Radio 1502 can control the operations of the interface device 1404.For example, the CPU/Radio 1502 may execute various applications orprograms stored in the flash memory 1504 and/or the dynamic randomaccess memory (DRAM) 1506. The CPU/Radio 1502 may also receive inputfrom the appliance 1450, interpret the input, and perform one or morefunctions in response to the input. The CPU/Radio 1502 may furtherperform all communications functions in order to allow the interfacedevice 1404 to communicate with other network devices, one or moregateways, a cloud network, and/or one or more access devices. Theinterface device 1404 may communicate with other devices and/or networksvia antenna 1526. For example, antenna 1526 may include a 2.4 GHzantenna that can transmit and receive WiFi communications signals 1528.The antenna 1526 may include other types of antennas that cancommunicate Bluetooth® signals, Zigbee® signals, Ultra-Wideband (UWB)signals, and/or the like. In some embodiments, the interface device 1404may include multiple antennas for communicating different types ofcommunication signals.

The CPU/Radio 1502 can include at least one universal asynchronousreceiver/transmitter (UART) 1510. The CPU/Radio 1403 can use the UART1510 to send and receive serial communications. The CPU/Radio 1403 cansend data through a transmit line 1522 and a receive data through areceive line 1524. The CPU/Radio 1403 can send and receive data throughthe transmit line 1522 and receive line 1524 using a serial protocol,such as RS232. The CPU/Radio 1502 can also include an input/output(GPIO) line 1514, a restore line 1516, an LED 1 line 1518, and an LED 2line 1520. The CPU/Radio 1502 can have additional or fewer lines asnecessary. The GPIO line 1514 can be used for any suitable function,such as powering an indicator light on an appliance 1450 or accepting aninput from the appliance 1450. A signal sent on the restore line 1516can be used to restore the CPU/Radio 1502 and/or the interface device1404 to factory defaults. The LED 1 line 1518 and LED 2 line 1520 can beused to power first and second LEDs that can be used to indicate variousstatuses, such as whether the interface device has a network connectionand whether the interface device is powered on.

The interface device 1404 further includes a voltage regulator 1508. Thevoltage regulator 1508 may be used to convert the voltage output fromthe appliance 1450 to a voltage usable by the CPU/Radio 1502. Forexample, the voltage regulator 1508 may regulate the DC voltage from 5Vto 3.3V. The voltage regulator 1508 can be supplied with power from apower line 1530.

Each of the interface lines, including the GPIO line 1514, the restoreline 1516, the LED 1 line 1518, the LED 2 line 1520, the transmit line1522, the receive line 1524, the power line 1530, and any additionallines, can be routed through connector 1512. Connector 1512 can be aproprietary or universal connector. Any appliance 1450 to which theinterface device 1404 is attached through the connector 1512 can havethe necessary hardware to make use of the interface lines, such as toprovide power to the power line 1530 and to provide the first and secondLEDs that are driven by the LED 1 line 1518 and LED 2 line 1520.

In alternate embodiments, some interface lines are not routed throughthe connector 1512. For example, the power line 1530 can be routed to apower supply attached directly to the interface device 1404, and the LED1 line 1518 and LED 2 line 1520 can be routed to first and second LEDslocated within the interface device 1404.

In various embodiments, functions may be stored as one or moreinstructions or code in memory, such as the flash memory 1504 and/or theDRAM 1506. The interface device 1404 can also comprise software elements(e.g., located within the memory), including, for example, an operatingsystem, device drivers, executable libraries, and/or other code, such asone or more application programs, which may comprise computer programsimplementing the functions provided by various embodiments, and/or maybe designed to implement methods and/or configure systems, as describedherein. Merely by way of example, one or more procedures described withrespect to the processes discussed below may be implemented as codeand/or instructions executable by a computer (and/or a processor withina computer); in an aspect, then, such code and/or instructions can beused to configure and/or adapt a device (e.g. a specialty computer) toperform one or more operations in accordance with the described methods.Such functions or code may include code to perform various stepsdescribed below. The memory, such as the flash memory 1504 and/or theDRAM 1506, may be a processor-readable memory and/or a computer-readablememory that stores software code (programming code, instructions, etc.)configured to cause a processor(s) within the CPU/Radio 1502 to performthe functions described. In other embodiments, one or more of thefunctions described may be performed in hardware.

A set of these instructions and/or code might be stored on acomputer-readable storage medium, such as the flash memory 1504 and/orthe DRAM 1506. In some cases, the storage medium might be incorporatedwithin a computer system, such as the CPU/Radio 1502. In otherembodiments, the storage medium might be separate from a computer system(e.g., a removable medium, such as a compact disc), and/or provided inan installation package, such that the storage medium can be used toprogram, configure and/or adapt a device (e.g. a computer) with theinstructions/code stored thereon. These instructions might take the formof executable code, which is executable by the interface device 1404and/or might take the form of source and/or installable code, which,upon compilation and/or installation on the interface device 1404 (e.g.,using any of a variety of compilers, installation programs,compression/decompression utilities, etc.) then takes the form ofexecutable code.

Substantial variations may be made in accordance with specificrequirements. For example, customized hardware might also be used,and/or particular elements might be implemented in hardware, software(including portable software, such as applets, etc.), or both. Further,connection to other access or computing devices such as networkinput/output devices may be employed.

The interface device 1404 may have other components than those depictedin FIG. 15. Further, the embodiment shown in the figures are only oneexample of an interface device that may incorporate an embodiment of theinvention. In some other embodiments, interface device 1404 may havemore or fewer components than shown in the figure, may combine two ormore components, or may have a different configuration or arrangement ofcomponents.

The appliance 1450 can have a processor 1534. The processor 1534 can bea microcontroller, such as a Peripheral Interface Controller (PIC). Theappliance 1450 can include a memory 1536 (e.g., a flash memory or other)that is readable by the processor 1534. The memory 1536 can includeinstructions enabling the innate functionality of the appliance 1450,such as heating and timing for a crock pot.

The appliance 1450 can include a user interface 1538. The user interface1538 can provide buttons, displays, LEDs, knobs, and other input andoutput elements necessary for a user to interact with the appliance1450. For example, a user interface 1538 for a slow cooker can include adisplay, a power button, a temperature adjustment button, and a startbutton. The user interface 1538 can be driven and/or monitored by theprocessor 1534. In some embodiments, the appliance 1450 is “headless” orhas no user interface 1538.

The appliance 1450 can include a power supply 1540 that can providepower to the voltage regulator 1538 of the interface device 1404 throughconnector 1532, connector 1512, and power line 1530.

The appliance 1450 can include an interface device user interfaceextension 1542. The interface device user interface extension 1542 caninclude various input and output elements that are passed directly tothe interface device 1404 without being processed by the processor 1534.Examples of input and output elements of the interface device userinterface extension 1542 include LEDs associated with the LED 1 line1518 and LED 2 line 1520, a hardware restore button associated with therestore line 1516, or any other suitable input/output element.

Substantial variations may be made in accordance with specificrequirements. For example, customized hardware might also be used,and/or particular elements might be implemented in hardware, software(including portable software, such as applets, etc.), or both. Further,connection to other access or computing devices such as networkinput/output devices may be employed.

Substantial variations may be made in accordance with specificrequirements. For example, particular elements might be implemented inhardware, software (including portable software, such as applets, etc.),or both. Further, connection to other access or computing devices suchas network input/output devices may be employed.

In the foregoing specification, aspects of the invention are describedwith reference to specific embodiments thereof, but those skilled in theart will recognize that the invention is not limited thereto. Variousfeatures and aspects of the above-described invention may be usedindividually or jointly. Further, embodiments can be utilized in anynumber of environments and applications beyond those described hereinwithout departing from the broader spirit and scope of thespecification. The specification and drawings are, accordingly, to beregarded as illustrative rather than restrictive.

In the foregoing description, for the purposes of illustration, methodswere described in a particular order. It should be appreciated that inalternate embodiments, the methods may be performed in a different orderthan that described. It should also be appreciated that the methodsdescribed above may be performed by hardware components or may beembodied in sequences of machine-executable instructions, which may beused to cause a machine, such as a special-purpose processor or logiccircuits programmed with the instructions to perform the methods. Thesemachine-executable instructions may be stored on one or more machinereadable mediums, such as CD-ROMs or other type of optical disks, floppydiskettes, ROMs, RAMs, EPROMs, EEPROMs, magnetic or optical cards, flashmemory, or other types of machine-readable mediums suitable for storingelectronic instructions. Alternatively, the methods may be performed bya combination of hardware and software.

Where components are described as being configured to perform certainoperations, such configuration can be accomplished, for example, bydesigning electronic circuits or other hardware to perform theoperation, by programming programmable electronic circuits (e.g.,microprocessors, or other suitable electronic circuits) to perform theoperation, or any combination thereof.

While illustrative embodiments of the application have been described indetail herein, it is to be understood that the inventive concepts may beotherwise variously embodied and employed, and that the appended claimsare intended to be construed to include such variations, except aslimited by the prior art.

What is claimed is:
 1. A computer-implemented method comprising:establishing, by a computing device, a connection with a local networkincluding a network device; establishing, using the connection with thelocal network, an additional connection with a wide area network;receiving, using the additional connection, an identifier associatedwith the local network and a security key; storing, on the computingdevice, the identifier and the security key; terminating the connection,wherein terminating the connection occurs after storing the receivedidentifier and the security key; detecting, by the computing device,input corresponding to interaction with an interface of the computingdevice; determining to which network the computing device is connected,wherein networks include the local network and a remote network; sendinga message to the network device using the local network when it isdetermined that the computing device is connected to the local network,wherein the message corresponds to an operation of the network device;and sending a message to the network device using the remote networkwhen it is determined that the computing device is connected to theremote network, wherein sending the message to the network device usingthe remote network includes using the identifier and the security key.2. The method of claim 1, further comprising determining that thecomputing device has authorization to communicate with the networkdevice on the local network, and wherein determining that the computingdevice has authorization to communicate with the network device on thelocal network includes using the security key.
 3. The method of claim 1,further comprising determining whether a communication protocol of thecomputing device supports communication with the network device usingthe local network, wherein sending the message to the network deviceusing the local network occurs when it is determined that the computingdevice is connected to the local network and that the communicationprotocol of the computing device supports communication with the networkdevice using the local network.
 4. The method of claim 1, whereindetermining that the computing device is connected to the remote networkincludes: determining an identifier associated with the remote network;comparing the identifier associated with the remote network to thestored identifier associated with the local network; and determiningthat the identifier associated with the remote network does not matchthe stored identifier associated with the local network.
 5. The methodof claim 1, wherein the local network comprises a wireless network, andwherein the remote network comprises a network that is different fromthe wireless network.
 6. The method of claim 1, wherein the message thatis sent to the network device using the remote network is encryptedusing the security key, the security key facilitating access to thenetwork device on the local network.
 7. The method of claim 1, whereinthe remote network includes a cloud network in communication with thelocal network, and wherein sending the message to the network deviceusing the remote network includes sending the message to the cloudnetwork, and wherein the cloud network sends the message received fromthe computing device to the network device on the local network.
 8. Themethod of claim 1, further comprising: in response to sending themessage to the network device using the remote network, receiving aresponse message from the network device using the remote network,wherein the response message corresponds to the operation of the networkdevice.
 9. The method of claim 1, further comprising: modifying theinterface to display a first indication about the operation of thenetwork device when it is determined that the computing device isconnected to the local network; and modifying the interface to display asecond indication about the operation of the network device when it isdetermined that the computing device is connected to the remote network.10. The method of claim 1, wherein the input corresponds to controllingthe operation of the network device, and wherein the message is sentbased on the input.
 11. The method of claim 1, wherein the wide areanetwork includes an additional computing device, and wherein thesecurity key is generated by the additional computing device.
 12. Themethod of claim 11, wherein establishing the connection with the localnetwork includes connecting to a gateway of the local network, whereinthe identifier is stored on the additional computing device in associatewith unique credentials of the gateway, and wherein the message sent tothe network device using the remote network, when received by theadditional computing device, uses the identifier to direct the messageto the gateway of the local network.
 13. The method of claim 1, whereinthe security key is generated by the network device.
 14. A systemcomprising: one or more data processors; and a non-transitorycomputer-readable storage medium containing instructions which, whenexecuted on the one or more data processors, cause the one or more dataprocessors to perform operations including: establishing, by a computingdevice, a connection with a local network including a network device;establishing, using the connection with the local network, an additionalconnection with a wide area network; receiving, using the additionalconnection, an identifier associated with the local network and asecurity key; storing, on the computing device, the identifier and thesecurity key; terminating the connection, wherein terminating theconnection occurs after storing the received identifier and the securitykey; detecting input corresponding to interaction with an interface ofthe computing device; determining to which network the computing deviceis connected, wherein networks include the local network and a remotenetwork; sending a message to the network device using the local networkwhen it is determined that the computing device is connected to thelocal network, wherein the message corresponds to an operation of thenetwork device; and sending the message to the network device using theremote network when it is determined that the computing device isconnected to the remote network, wherein sending the message to thenetwork device using the remote network includes using the identifierand the security key.
 15. The system of claim 14, wherein the operationsfurther comprise determining that the computing device has authorizationto communicate with the network device on the local network, and whereindetermining that the computing device has authorization to communicatewith the network device on the local network includes using the securitykey.
 16. The system of claim 14, wherein the operations further comprisedetermining whether a communication protocol of the computing devicesupports communication with the network device using the local network,wherein sending the message to the network device using the localnetwork occurs when it is determined that the computing device isconnected to the local network and that the communication protocol ofthe computing device supports communication with the network deviceusing the local network.
 17. The system of claim 14, wherein determiningthat the computing device is connected to the remote network includes:determining an identifier associated with the remote network; comparingthe identifier associated with the remote network to the storedidentifier associated with the local network; and determining that theidentifier associated with the remote network does not match the storedidentifier associated with the local network.
 18. The system of claim14, wherein the local network comprises a wireless network, and whereinthe remote network comprises a network that is different from thewireless network.
 19. The system of claim 14, wherein the message thatis sent to the network device using the remote network is encryptedusing the security key, the security key facilitating access to thenetwork device on the local network.
 20. The system of claim 14, whereinthe remote network includes a cloud network in communication with thelocal network, and wherein sending the message to the network deviceusing the remote network includes sending the message to the cloudnetwork, and wherein the cloud network sends the message received fromthe computing device to the network device on the local network.
 21. Thesystem of claim 14, wherein the operations further comprise: in responseto sending the message to the network device using the remote network,receiving a response message from the network device using the remotenetwork, wherein the response message corresponds to the operation ofthe network device.
 22. The system of claim 14, wherein the operationsfurther comprise: modifying the interface to display a first indicationabout the operation of the network device when it is determined that thecomputing device is connected to the local network; and modifying theinterface to display a second indication about the operation of thenetwork device when it is determined that the computing device isconnected to the remote network.
 23. The system of claim 14, wherein theinput corresponds to controlling the operation of the network device,and wherein the message is sent based on the input.
 24. The system ofclaim 14, wherein the wide area network includes an additional computingdevice, and wherein the security key is generated by the additionalcomputing device.
 25. The system of claim 24, wherein establishing theconnection with the local network includes connecting to a gateway ofthe local network, wherein the identifier is stored on the additionalcomputing device in associate with unique credentials of the gateway,and wherein the message sent to the network device using the remotenetwork, when received by the additional computing device, uses theidentifier to direct the message to the gateway of the local network.26. The system of claim 14, wherein the security key is generated by thenetwork device.
 27. A computer-program product tangibly embodied in anon-transitory machine-readable storage medium, including instructionsconfigured to cause a data processing apparatus to perform operationsincluding: establishing, by a computing device, a connection with alocal network including a network device; establishing, using theconnection with the local network, an additional connection with a widearea network; receiving, using the additional connection, an identifierassociated with the local network and a security key; storing, on thecomputing device, the identifier and the security key; terminating theconnection, wherein terminating the connection occurs after storing thereceived identifier and the security key; detecting, by a computingdevice, input corresponding to interaction with an interface of thecomputing device; determining to which network the computing device isconnected, wherein networks include the local network and a remotenetwork; sending a message to the network device using the local networkwhen it is determined that the computing device is connected to thelocal network, wherein the message corresponds to an operation of thenetwork device; and send the message to the network device using theremote network based on determining that the computing device isconnected to the remote network.
 28. The computer-program product ofclaim 27, wherein the operations further comprise determining that thecomputing device has authorization to communicate with the networkdevice on the local network, and wherein determining that the computingdevice has authorization to communicate with the network device on thelocal network includes using the security key.
 29. The computer-programproduct of claim 27, wherein the operations further comprise determiningwhether a communication protocol of the computing device supportscommunication with the network device using the local network, whereinsending the message to the network device using the local network occurswhen it is determined that the computing device is connected to thelocal network and that the communication protocol of the computingdevice supports communication with the network device using the localnetwork.
 30. The computer-program product of claim 27, whereindetermining that the computing device is connected to the remote networkincludes: determining an identifier associated with the remote network;comparing the identifier associated with the remote network to thestored identifier associated with the local network; and determiningthat the identifier associated with the remote network does not matchthe stored identifier associated with the local network.
 31. Thecomputer-program product of claim 27, wherein the local networkcomprises a wireless network, and wherein the remote network comprises anetwork that is different from the wireless network.
 32. Thecomputer-program product of claim 27, wherein the message that is sentto the network device using the remote network is encrypted using thesecurity key, the security key facilitating access to the network deviceon the local network.
 33. The computer-program product of claim 27,wherein the remote network includes a cloud network in communicationwith the local network, and wherein sending the message to the networkdevice using the remote network includes sending the message to thecloud network, and wherein the cloud network sends the message receivedfrom the computing device to the network device on the local network.34. The computer-program product of claim 27, wherein the operationsfurther comprise: in response to sending the message to the networkdevice using the remote network, receiving a response message from thenetwork device using the remote network, wherein the response messagecorresponds to the operation of the network device.
 35. Thecomputer-program product of claim 27, wherein the operations furthercomprise: modifying the interface to display a first indication aboutthe operation of the network device when it is determined that thecomputing device is connected to the local network; and modifying theinterface to display a second indication about the operation of thenetwork device when it is determined that the computing device isconnected to the remote network.
 36. The computer-program product ofclaim 27, wherein the input corresponds to controlling the operation ofthe network device, and wherein the message is sent based on the input.37. The computer-program product of claim 27, wherein the wide areanetwork includes an additional computing device, and wherein thesecurity key is generated by the additional computing device.
 38. Thecomputer-program product of claim 37, wherein establishing theconnection with the local network includes connecting to a gateway ofthe local network, wherein the identifier is stored on the additionalcomputing device in associate with unique credentials of the gateway,and wherein the message sent to the network device using the remotenetwork, when received by the additional computing device, uses theidentifier to direct the message to the gateway of the local network.39. The computer-program product of claim 27, wherein the security keyis generated by the network device.